Search Results

Search found 97980 results on 3920 pages for 'code security'.

Page 311/3920 | < Previous Page | 307 308 309 310 311 312 313 314 315 316 317 318  | Next Page >

  • Swapping data binding in code

    - by Phil J Pearson
    I have two data-bound text boxes. One is bound to a string and the other to a number. The 'default' binding is set in XAML. Under some circumstances I need to reverse the bindings at runtime (the string is usually a prefix but sometimes it's a suffix). I have the following code in my view model, called when the window is loaded: Binding stringBinding = BindingOperations.GetBinding(view.seqLeft, TextBox.TextProperty); Binding numberBinding = BindingOperations.GetBinding(view.seqRight, TextBox.TextProperty); view.seqLeft.SetBinding(TextBlock.TextProperty, numberBinding); view.seqRight.SetBinding(TextBlock.TextProperty, stringBinding); After that the code loads the properties to which the binding refers. The problem is that the 'new' binding doesn't seem to work. What have I missed? Is there a better way?

    Read the article

  • IIS7 integrated mode closing token between requests

    - by user607287
    We are migrating to IIS7 integrated mode and have come across an issue. We authenticate using WindowsAuthentication but then store a reference to the WindowsPrincipal so that on future requests we can authorize as needed against AD. In IIS 7 Integrated mode, the token is being closed (between requests) so that when we try to run IsInRole it generates a disposed exception. Is there a way to cache this token or change our use of WindowsPrincipal so that we don't need to make successive AD requests to get it for each authorization request? Here is the exception being thrown from WindowsPrincipal.IsInRole("") - System.ObjectDisposedException: {"Safe handle has been closed"} Thanks.

    Read the article

  • How to write a Compiler in C for C

    - by Kerb_z
    I want to write a Compiler for C. This is a Project for my College i am doing as per my University. I am an intermediate programmer in C, with understanding of Data Structures. Now i know a Compiler has the following parts: 1. Lexer 2. Parser 3. Intermediate Code Generator 4. Optimizer 5. Code Generator I want to begin with the Lexer part and move on to Parser. I am consulting the following book: Compilers: Principles, Techniques, and Tools by Alfred V. Aho, Ravi Sethi, Jeffrey D. Ullman. The thing is that this book is highly theoretical and perplexing to me. I really appreciate the authors. But the point is i am not able to begin my project, as if i am blinded where to go. Need guidance please help.

    Read the article

  • Use of LOC to determine project size

    - by acidzombie24
    How many lines of code (LOC) does it take to be considered a large project? How about for just one person writing it? I know this metric is questionable, but there is a significant difference, for a single developer, between 1k and 10k LOC. I typically use space for readability, especially for SQL statements, and I try to reduce the amount of LOC for maintenance purpose to follow as many best practice as i can. For example, I created a unified diff of the code I modified today, and it was over 1k LOC (including comments and blank lines). Is "modified LOC" a better metric? I have ~2k LOC, so it's surprising I modified 1k. I guess rewriting counts as both a deletion and addition which doubles the stats.

    Read the article

  • Is it dangerous to store user-enterable text into a hidden form via javascript?

    - by KallDrexx
    In my asp.net MVC application I am using in place editors to allow users to edit fields without having a standard form view. Unfortunately, since I am using Linq to Sql combined with my data mapping layer I cannot just update one field at a time and instead need to send all fields over at once. So the solution I came up with was to store all my model fields into hidden fields, and provide span tags that contain the visible data (these span tags become editable due to my jquery plugin). When a user triggers a save of their edits of a field, jquery then takes their value and places it in the hidden form, and sends the whole form to the server to commit via ajax. When the data goes into the hidden field originally (page load) and into the span tags the data is properly encoded, but upon the user changing the data in the contenteditable span field, I just run $("#hiddenfield").val($("#spanfield").html(); Am I opening any holes this method? Obviously the server also properly encodes stuff prior to database entry.

    Read the article

  • New to C/C++ Using Android NDK to port Legacy code, getting compile errors

    - by Donal Rafferty
    I have been trying to take some old Symbian C++ code over to Android today using the NDK. I have little to no C or C++ knowledge so its been a chore, however has to be done. My main issue is that I'm having trouble porting what I believe is Symbian specifi code to work using the small C/C++ subset that is available with the Android NDK. Here is a picture of the compilation errors I'm getting using cygwin I was wondering if anyone could point me in the right direction on how to deal with these errors? For instance is TBool/Int/TUint/RPointerArray/RSocket a Symbian primitive and thats why it wont compile or is it something else? Also what is ISO C++? Any tutorials, guides or tips and help would be greatly appreciated.

    Read the article

  • Godaddy's Code sign certificate and MIDlet

    - by abc
    i have developed an application in java (J2ME), and i want trusted domain for that application using goDaddy's certificate. can i obtain it ? let me re describe the full scenario. i have developed an application.in which i want FILE IO operations to be done without the permission of user (for every read write, it means user will be asked only once.) so to obtain that i want trusted domain for my application. for that i need to sign my application using code sign certificate. now go Daddy's certificate is not listed under Nokia 3110Classic, so i have externally added it in CA list. but still its showing app signing option disabled. so my question is can i obtain trusted domain using the goDaddy's code sign certificate ?

    Read the article

  • How to secure phpMyAdmin

    - by Andrei
    Hi, I have noticed that there are strange requests to my website trying to find phpmyadmin, like /phpmyadmin/ /pma/ etc. Now I have installed PMA on Ubuntu via apt and would like to access it via webaddress different from /phpmyadmin/. What can I do to change it? Thanks

    Read the article

  • Encrypt URL in asp.net

    - by Zerotoinfinite
    Hi All, My site is in asp.net 3.5 and C#. I am sending link to my user through mail, now I want to send each user a specific URL. so instead of sending the clear text I want to send link with encrypted string URL, which I will decrypt on my home page. Like instead of www.mysite.aspx\mypage?userId=12 i'll send www.mysite.aspx\mypage?UserId=)@kasd12 and the same i'll decrypt on my page so that I'll get the userId = 12. Please let me know if my approach is correct and not and how can I encrypt & decrypt the string in simplest and easier manner. Thanks in advance.

    Read the article

  • Calling unmanaged c++ code in C# Mixed with STL

    - by Turtle
    Hey, I want to call unmanaged c++ code in C# The function interface is like following(I simplified it to make it easy to understand) Face genMesh(int param1, int param2); Face is a struct defined as: struct Face{ vector<float> nodes; vector<int> indexs; } I googled and read the MSDN docs found ways to call simple c/c++ unmanged code in C#, also know how to hand the struct as return value. And My question is how to handle "vector". I did not find rules about mapping between vector and some types in C# Thanks!

    Read the article

  • SQL Injection When Using MySQLi Prepared Statements

    - by Sev
    If all that is used to do any and all database queries is MySQLi prepared statements with bound parameters in a web-app, is sql injection still possible? Notes I know that there are other forms of attack other than sql-injection, but my question is specific to sql-injection attacks on that particular web application only.

    Read the article

  • Can this be imporved? Scrubing of dangerous html tags.

    - by chobo2
    Hi I been finding that for something that I consider pretty import there is very little information or libraries on how to deal with this problem. I found this while searching. I really don't know all the million ways that a hacker could try to insert the dangerous tags. I have a rich html editor so I need to keep non dangerous tags but strip out bad ones. So is this script missing anything? It uses html agility pack. public string ScrubHTML(string html) { HtmlDocument doc = new HtmlDocument(); doc.LoadHtml(html); //Remove potentially harmful elements HtmlNodeCollection nc = doc.DocumentNode.SelectNodes("//script|//link|//iframe|//frameset|//frame|//applet|//object|//embed"); if (nc != null) { foreach (HtmlNode node in nc) { node.ParentNode.RemoveChild(node, false); } } //remove hrefs to java/j/vbscript URLs nc = doc.DocumentNode.SelectNodes("//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.SetAttributeValue("href", "#"); } } //remove img with refs to java/j/vbscript URLs nc = doc.DocumentNode.SelectNodes("//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.SetAttributeValue("src", "#"); } } //remove on<Event> handlers from all tags nc = doc.DocumentNode.SelectNodes("//*[@onclick or @onmouseover or @onfocus or @onblur or @onmouseout or @ondoubleclick or @onload or @onunload]"); if (nc != null) { foreach (HtmlNode node in nc) { node.Attributes.Remove("onFocus"); node.Attributes.Remove("onBlur"); node.Attributes.Remove("onClick"); node.Attributes.Remove("onMouseOver"); node.Attributes.Remove("onMouseOut"); node.Attributes.Remove("onDoubleClick"); node.Attributes.Remove("onLoad"); node.Attributes.Remove("onUnload"); } } // remove any style attributes that contain the word expression (IE evaluates this as script) nc = doc.DocumentNode.SelectNodes("//*[contains(translate(@style, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'expression')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.Attributes.Remove("stYle"); } } return doc.DocumentNode.WriteTo(); }

    Read the article

  • NSImage different size in code different shown by Finder/Preview

    - by krasnyk
    I have a couple of images that i use in my application(one of them is attached). The strange thing is that the real image size(shown by finder and preview) is 1200x701 px. When I access image from the code and as for its size, I get 360x210px. What is going on? Code I'm using to get the size of the image: NSImage *newImg = [[NSImage alloc] initWithContentsOfURL: [NSURL URLFromPasteboard:[sender draggingPasteboard]]]; float h = [newImg size].height; //height is 210px - should be 701px float w = [newImg size].width; //width is 320px - should be 1200px The content of the newImg is the same image that has been pointed and loaded - I display it in the NSImageView anyway so I see. Just the size taken with -size is wrong. This is the image:

    Read the article

  • How do API Keys and Secret Keys work?

    - by viatropos
    I am just starting to think about how api keys and secret keys work. Just 2 days ago I signed up for Amazon S3 and installed the S3Fox Plugin. They asked me for both my Access Key and Secret Access Key, both of which require me to login to access. So I'm wondering, if they're asking me for my secret key, they must be storing it somewhere right? Isn't that basically the same thing as asking me for my credit card numbers or password and storing that in their own database? How are secret keys and api keys supposed to work? How secret do they need to be? Are these applications that use the secret keys storing it somehow? Thanks for the insight.

    Read the article

  • Text code decoding

    - by Diana Villafane
    Hello. I am an English/Spanish Spanish/English translator. I have been given a job where I have to translate Spanish text messages sent from cell phones. Some of them are in code. I assume each set of figures represents a letter. Is there any website where I can find information on how to decipher the code? For instance, the first message says: ‘0x69 ox61 0x6e 0x70 0x72 0x2e 0x6e 0x65 0x74 0x2f 0x3f 0x64 0x34 0x39 0x31 0x66 0x30 0x37 0x38 0x35 0x35 0x32 0x39 0x62 0x36 0x31 0x31 0x00 Thank you for any help you provide. Diana

    Read the article

  • How to securely transfer

    - by michaeltk
    I have two servers -- a backend server, and a frontend server. Every night, the backend server generates static .html files, which are then compressed into .tar format. I need to write a script that resides on the backend server that will transfer the .tar file to the frontend server, and then decompress that .tar file into to the public web directory of the frontend server. What is the standard, secure way to do this? Thanks in advance.

    Read the article

  • Explain a block of crazy JS code inside Sizzle(the CSS selector engine)

    - by Andy Li
    So, here is the function for pre-filtering "CHILD": function(match){ if ( match[1] === "nth" ) { // parse equations like 'even', 'odd', '5', '2n', '3n+2', '4n-1', '-n+6' var test = /(-?)(\d*)n((?:\+|-)?\d*)/.exec( match[2] === "even" && "2n" || match[2] === "odd" && "2n+1" || !/\D/.test( match[2] ) && "0n+" + match[2] || match[2]); // calculate the numbers (first)n+(last) including if they are negative match[2] = (test[1] + (test[2] || 1)) - 0; match[3] = test[3] - 0; } // TODO: Move to normal caching system match[0] = done++; return match; } The code is extracted from line 442-458 of sizzle.js. So, why is the line var test = ..., have the exec inputing a boolean? Or is that really a string? Can someone explain it by splitting it into a few more lines of code?

    Read the article

  • Smart Client App: How to give Different Settings for Different Users

    - by Daniel
    Hi! I have a smart client application being deployed with a CickOnce webpage. here's the current scenario. User runs the application, and the application shows a login form. User enters ID/Password in the login form, and the application sends that information to the server. The server authenticates the user and sends configuration and data to the application. Different users have different configuration and data for their application. I was concerned that anyone can download the application from the webpage if they know the URL. So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application. I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again. How can the webpage send the ID/Passoword to the application securely?

    Read the article

  • What's the best, Escape then store Or store then escape the output?

    - by Axel
    Hi, After doing a long search on stackoverflow i didn't find any one talked about this even if it's a big choice, the Question is what's the best in order to prevent both of XSS and SQL injection, Escaping the data then store it in the DB or Store it as it is and escape when output it? Note: it is better if you give some examples of practics if possible. Thanks

    Read the article

< Previous Page | 307 308 309 310 311 312 313 314 315 316 317 318  | Next Page >