Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 306/3920 | < Previous Page | 302 303 304 305 306 307 308 309 310 311 312 313  | Next Page >

  • .NET library for generating javascript?

    - by Rune
    Do you know of a .NET library for generating javascript code? I want to generate javascript code based on information in my .NET application. I would like to be able to create an AST-like datastructure (using C#) and have it turned into valid javascript. I need to be able to create functions, statements, expressions etc., so I need something more than a JSON serializer - but I guess you could think of this as a (very) generalized JSON serializer. Do such libraries exist and if so, could you recommend any? Thank you.

    Read the article

  • How can I validate/secure/authenticate a JavaScript-based POST request?

    - by Bungle
    A product I'm helping to develop will basically work like this: A Web publisher creates a new page on their site that includes a <script> from our server. When a visitor reaches that new page, that <script> gathers the text content of the page and sends it to our server via a POST request (cross-domain, using a <form> inside of an <iframe>). Our server processes the text content and returns a response (via JSONP) that includes an HTML fragment listing links to related content around the Web. This response is cached and served to subsequent visitors until we receive another POST request with text content from the same URL, at which point we regenerate a "fresh" response. These POSTs only happen when our cached TTL expires, at which point the server signifies that and prompts the <script> on the page to gather and POST the text content again. The problem is that this system seems inherently insecure. In theory, anyone could spoof the HTTP POST request (including the referer header, so we couldn't just check for that) that sends a page's content to our server. This could include any text content, which we would then use to generate the related content links for that page. The primary difficulty in making this secure is that our JavaScript is publicly visible. We can't use any kind of private key or other cryptic identifier or pattern because that won't be secret. Ideally, we need a method that somehow verifies that a POST request corresponding to a particular Web page is authentic. We can't just scrape the Web page and compare the content with what's been POSTed, since the purpose of having JavaScript submit the content is that it may be behind a login system. Any ideas? I hope I've explained the problem well enough. Thanks in advance for any suggestions.

    Read the article

  • How does XmlSiteMapProvider check user to be in specified role?

    - by abatishchev
    I roll my own SiteMapProvider inheriting System.Web.XmlSiteMapProvider. I want to override logic of checking user to be in a role specified in siteMapNode's property roles: <siteMapNode url="Add.aspx?type=user" title="Add user" roles="admin" /> How can I do that? Which class's member does XmlSiteMapProvider call to check that if securityTrimmingEnabled="true"?

    Read the article

  • Sql Server copying table information between databases

    - by Andrew
    Hi, I have a script that I am using to copy data from a table in one database to a table in another database on the same Sql Server instance. The script works great when I am connected to the Sql Server instance as myself as I have dbo access to both databases. The problem is that this won't be the case on the client's Sql Server. They have seperate logins for each database (Sql Authentication Logins). Does anyone know if there is a way to run a script under these circumstances. The script would be doing something like. use sourceDB Insert targetDB.dbo.tblTest (id, test_name) Select id, test_name from dbo.tblTest Thanks

    Read the article

  • How do I send email over SMTP with SSL using Java client?

    - by Ido
    I need to send email over smtp with ssl using java client. I'm not sure how to do that. If I have my server certificate installed on my Windows machine, how do I use it? If I want it to work on a non-Windows machine, do I need to get the certificates in a different way? BTW: If the SMTP server that I use is using SSL, can I be sure that it will send the mail to the recipient using SSL?

    Read the article

  • Invoke an action that is using ASP.NET MVC [Authorize] from outside the application

    - by Nate Bross
    Is this possible? I'd like to expose a URL (action) such as http://mysever/myapp/UpdateHeartbeat/. In my MVC application it looks like [Authorize] [AcceptsVerbs(HttpVerbs.Post)] public ActionResult UpdateHeartbeat() { // update date in DB to DateTime.Now } Now, in my MVC application the user has logged in via FORMS authentication and they can execute that action to their hearts content. What I want to do, is hit that URL progromatically (as part of an API that I wouldl like to build) -- is there a way I can do that without removing the [Authorize] attribute and adding username/password as parameters to the POST?

    Read the article

  • Error Messaged and Error Code design

    - by Ved
    We are designing set of web services which will return XML string in response. These are RESTFul services so I will have to send exception inside element. I am planing to design set of Error code which can help me determine where level occured just by looking at the code. For Example 1000 - Application Level 2000 - DB level 3000 - Network level so if I have error message then I can know right away that this was an application level error and it came from 1st business module. I am not very experience in this so I would love to here your thoughts and criticism. Thanks

    Read the article

  • Humor in code

    - by pfranza
    When you are writing code or naming products, which sources of cultural references are you most likely to draw from? Which reference sources do you think are more likely to be universally understood? For example when findbugs sees that you've implemented equals() without overriding hashCode() it suggest that you implement it by returning 42 (a reference from HHGTTG) Or why we have big endian vs little endian encoding, referencing Gulliver's Travels Not that we should act unprofessionally with our code, but if you going to tell a person that they could only (watch/read/...) one (book/movie/show/...) which one would allow them to 'get' the most jokes?

    Read the article

  • Prevent query string manipulation by adding a hash?

    - by saille
    To protect a web application from query string manipulation, I was considering adding a query string parameter to every url which stores a SHA1 hash of all the other query string parameters & values, then validating against the hash on every request. Does this method provide strong protection against user manipulation of query string values? Are there any other downsides/side-effects to doing this? I am not particularly concerned about the 'ugly' urls for this private web application. Url's will still be 'bookmarkable' as the hash will always be the same for the same query string arguments. This is an ASP.NET application.

    Read the article

  • php send mail code not working

    - by anand
    php $to = "[email protected]"; $subject = "Hi!"; $body = "Hi,\n\nHow are you?"; if (mail($to, $subject, $body)) { echo("pMessage successfully sent!/p"); } else { echo("pMessage delivery failed.../p"); } wrote a basic php sendmail code that but it gives me the following error Warning: mail() [function.mail]: "sendmail_from" not set in php.ini or custom "From:" header missing in C:\xampp\htdocs\mail.php on line 5 Message delivery failed... i changed the php.ini file and put [email protected] but still the problem persists... writing the mail script for the first time Am i doing something wrong? is there a better code or way to go thru this? Any help will be appreciated Thank you

    Read the article

  • How to evaluate javascript code in Python

    - by overboming
    I need to fetch some result on a webpage, which use some javascript code to generate the part I am interesting in like following eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--)d[c]=k[c]||c;k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p;}('5 11=17;5 12=["/3/2/1/0/13.4","/3/2/1/0/15.4","/3/2/1/0/14.4","/3/2/1/0/7.4","/3/2/1/0/6.4","/3/2/1/0/8.4","/3/2/1/0/10.4","/3/2/1/0/9.4","/3/2/1/0/23.4","/3/2/1/0/22.4","/3/2/1/0/24.4","/3/2/1/0/26.4","/3/2/1/0/25.4","/3/2/1/0/18.4","/3/2/1/0/16.4","/3/2/1/0/19.4","/3/2/1/0/21.4"];5 20=0;',10,27,'40769|54|Images|Files|png|var|imanhua_005_140430179|imanhua_004_140430179|imanhua_006_140430226|imanhua_008_140430242|imanhua_007_140430226|len|pic|imanhua_001_140429664|imanhua_003_140430117|imanhua_002_140430070|imanhua_015_140430414||imanhua_014_140430382|imanhua_016_140430414|sid|imanhua_017_140430429|imanhua_010_140430289|imanhua_009_140430242|imanhua_011_140430367|imanhua_013_140430382|imanhua_012_140430367'.split('|'),0,{})) The result of eval() is valuable to me, I am writing a Python script, is there any library I can use to virtually run this piece of javascript code and get the output? Thanks

    Read the article

  • eclipse gcov plugin

    - by Taani
    I am using gcov plugin in Eclipse CDT + cygwin compiler & linker to find code coverage. I installed gcov plugin from http://svn.sourceforge.jp/svnroot/ginkgo/trunk/org.ginko.gcov.update/ location and follow the below link to get coverage of my .c file. I was able to create .gcno and .gcda files. But double clicking on those files, opens the files in eclipse editor. I could not find the gcov editor. Also I couldn't see any code coverage results in my .c file. What is the wrong with my procedure?

    Read the article

  • Unreachable breakpoint at execut(able/ing) code

    - by shadeMe
    I've got two DLLs, one in written in native C++ and the other in C++/CLI. The former is injected into a process, and at a later point in time, loads the latter. While debugging, I noticed that the native DLL's breakpoints were functioning correctly while the other's weren't, even though its code was being executed. The breakpoints showed this message: This breakpoint will not be hit. No executable code associated with this line. Possible causes include: preprocessor directives or compiler/linker optimizations. The modules window tells me that the plugin's symbols are loaded. I'm running with its DEBUG build. Any ideas on why this is so and perhaps a fix ?

    Read the article

  • Are there any differences between MSSQL and MySQL when it comes to preventing SQL injection?

    - by Derek Adair
    I am used to developing in PHP/MySQL and have no experience developing with MSSQL. I've skimmed over the PHP MSSQL documentation and it looks similar to MySQLi in some of the methods I read about. For example, with MySQL I utilize the function mysql_real_excape_string(). Is there a similar function with PHP/MSSQL? What steps do I need to take in order to protect against SQL injection with MSSQL? What are the differences between MSSQL and MySQL pertaining to SQL injection prevention?

    Read the article

  • From interpeted to native code: "dynamic" languages compiler support

    - by Daniel
    First, I am aware that dynamic languages is a term used mainly by a vendor; I am using it just to have a container word to include languages like Perl (a favorite of mine), Python, Tcl, Ruby, PHP and so on. They are interpreted but I am interested here to refer to languages featuring strong capability to support the programmer efficiency and the support for typical constructs of modern interpreted languages My question is: there are dynamic languages can be compiled efficiently in native executable code - typically for Windows platforms? Which ones? Maybe using some third part ad-hoc tools? I am not talking about huge executables carrying with them a full interpreter or some similar tricks nor some smart module able to include its own dependances or some required modules, but a honest, straight, standard, solid executable code. If not, there is some technical reason inhibiting the availability of such a best-of-both-world feature? Thanks! Daniel

    Read the article

  • RESTFul, statelesness and sessions

    - by Per Arneng
    RESTFul service has a rule that it should be stateless. By beeing that it does not allow a session to be created and maintained by sending a session key between the client and the server and then holding a session state on the server. If i look at the definition in wikipedia of stateless server http://en.wikipedia.org/wiki/Stateless_server "A stateless server is a server that treats each request as an independent transaction that is unrelated to any previous request" It states that it should be unrelated to any previous request. In practice this means that any type of authentication will be comparing the credentials of a user to a state on the server that was created by a previous operation. So a service called login is related to and dependent on the state that has been created by previous requests (ex: create_user and/or change_password). In my view you are breaking statelessnes by doing authentication. My point is that people are complaining about having sessions in RESTFul is breaking statelesness but doing authentication is also breaking the same rule. What do you think?

    Read the article

  • Debate: Can a HTTPS connection be hijacked with a man-in-the-middle kind of attack?

    - by Iulian Serbanoiu
    Hi, I'm wondering if the company I work for can see what I'm doing when I'm using a HTTPS connection - gmail for example. My case: I'm using gmail from work but I need to enter a password for a proxy when accesing the first web page - the password is asked inside the browser. I receive from the proxy a certificate which I must accept in order to make the Internet connection work. So the question is: Can https data exchange, between gmail and browser, be tracked? Thanks, Iulian

    Read the article

  • Auto-Complete Suggestions in Source Code Editor

    - by Jim
    Hello, Most IDEs (Eclipse, Netbeans, Intelij) provide contextually smart suggestions about the current statement you're writing. We would like to do the same thing (In Java for Java). We considered tokenizing the input and building our own abstract syntax trees, but quickly realized that could be a month long project in and of its self. We also started digging through the source code for the above mentioned IDEs, but it appears (correct me if I'm wrong) that the auto-complete code is pretty tightly woven with the rest of the IDE. We're wondering if anyone knows of a relatively isolated package that we could pull into our project to provide this auto-complete functionality. Thanks!

    Read the article

  • Call Babel .Net Obfuscator from C# Code

    - by aron
    Hello, I have a C# WinForms app that I use to create software patches for my app. In noticed that Babel .Net includes Babel.Build.dll and Babel.Code.dll Is there a way, in my C# code, I can call Babel .Net something like: ExecuteCommand(C:\Program Files\Babel\babel.exe "C:\Patch\v6\Demo\Bin\Lib.dll" --rules "C:\Patch\babelRules.xml", 600) Here's a common script to execute a CMD prompt in C#. However if I just include the Babel.Build.dll in my winform I may be able to do it seamlessly. public static int ExecuteCommand(string Command, int Timeout) { int ExitCode; ProcessStartInfo ProcessInfo; Process Process; ProcessInfo = new ProcessStartInfo("cmd.exe", "/C " + Command); ProcessInfo.CreateNoWindow = true; ProcessInfo.UseShellExecute = false; Process = Process.Start(ProcessInfo); Process.WaitForExit(Timeout); ExitCode = Process.ExitCode; Process.Close(); return ExitCode; }

    Read the article

  • Is there an encrypted version control system?

    - by Mike
    I am looking for an encrypted version control system . Basically I would like to -have all files encrypted locally before sending to the server. the server should never receive any file or data unencrypted. -Every other feature should work pretty much the same way as SVN or CVS does today. Can anyone recommend something like this? I did a lot of searches but I cant find anything.

    Read the article

  • MySQL Procedures : Standard/Best Place For Code Documentation?

    - by rlb.usa
    I'd like to put a paragraph or so for documentation on each of my MySQL procedures: date, author, purpose, etc. Is there a standard, accepted, or best place to put this kind of documentation? For example, In MSSQL, some IDE's will generate a template for you to start coding your procedure; it comes with a little place for code documentation. USE [MyDatabase] GO /****** Object: StoredProcedure [dbo].[StoreRecord] Script Date: 04/29/2010 09:21:57 ******/ SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO -- ============================================= -- Author: -- Create date: -- Description: -- ============================================= ALTER PROCEDURE [dbo].[StoreRecord] -- ... more code ...

    Read the article

  • Simple ADO.NET C# Stored Procedure Generator

    - by Ron
    I am using Visual Studio 2005, Sql Server 2005, C#, ADO.NET. We have a very large database and routinely adding new stored procedures. I am tired of writing the C# wrapper code for these stored procedures, seems like there should be some simple utility or Add In that would allow me to simply point to a stored procedure and generate some generic C# code. I am not looking for some big ORM or data access layer framework. The company I am doing this for is not interested in moving to something like that right now. Just wanting something to take the grunt work out of writing the C# wrappers around stored procedures. Again, prefer that we do not have to include in other 3rd party libraries, etc. Any ideas?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 302 303 304 305 306 307 308 309 310 311 312 313  | Next Page >