Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 318/3920 | < Previous Page | 314 315 316 317 318 319 320 321 322 323 324 325  | Next Page >

  • Does HttpWebRequest automatically take care of certificate validation?

    - by Kevin Pang
    I'm using an HttpWebRequest object to access a web service via an HTTP POST. Part of the requirement is that I: Verify that the URL in the certificate matches the URL I'm posting to Verify that the certificate is valid and trusted Verify that the certificate has not expired Does HttpWebRequest automatically handle that for me? I'd assume that if any of these conditions came up, I'd get the standard "could not establish trust relationship for the SSL/TLS secure channel" exception.

    Read the article

  • RewriteRule help

    - by Camran
    I have successfully setup htaccess to do this: domain.com/ad.php?ad_id=bmw_m3_2498224 INTO: domain.com/ads/bmw_m3_2498224 However, I have a link on the page which makes the page submit to itself... The link saves the ad inside a cookie: domain.com/ad.php?ad_id=bmw_m3_2498224&save=1 // Note the 'save' variable I need to make this work on the rewritten rule also, so this link: domain.com/ads/bmw_m3_2498224/save will save the cookie... I have this so far which DOES NOT work for the save part: RewriteRule ^annons/([a-zA-Z0-9_]+)$ ad.php?ad_id=$1 [NC,L] How can I include another rule to accomplish what I want? Thanks

    Read the article

  • Code won't exit foreach block

    - by Matt
    I've got the following C# code segment that takes a list, finds objects that are ready to update, then shoves them into a temp list, deletes from the main list, and then goes on its merry way. My issue is that the foreach block, which cycles through my main list, won't exit. TempLog.Clear(); //Ensure TempLog is empty foreach (CLogger ready in PlayerLog) { if (ready.UpdateReady == true) // Record is ready to be updated in database { TempLog.Add(ready); // Add record to templog PlayerLog.Remove(ready); // Remove from playerlog } } <---- Never reaches this point if (TempLog.Count > 0) // Just check that templog isn't empty { new Thread(Update).Start(); // Run update code } I've put heaps of debugging in, and I can watch PlayerLog start at 1, TempLog at 0, then it enters the foreach loop, picks up that the record UpdateReady flag is on, TempLog goes to 1, PlayerLog goes to 0, then it just stops.. No errors, just stops.. Thanks for the help :)

    Read the article

  • arbitrary input from stdin to shell

    - by python_noob
    So I have this existing command that accepts a single argument, but I need something that accepts the argument over stdin instead. A shell script wrapper like the following works, but as I will be allowing untrusted users to pass arbitrary strings on stdin, I'm wondering if there's potential for someone to execute arbitary commands on the shell. #!/bin/sh $CMD "`cat`" Obviously if $CMD has a vulnerability in the way it processes the argument there's nothing I can do, so I'm concerned stuff like this: Somehow allow the user to escape the double quotes and pass input into argument #2 of $CMD Somehow cause another arbitary command to run

    Read the article

  • optimize python code

    - by user283405
    i have code that uses BeautifulSoup library for parsing. But it is very slow. The code is written in such a way that threads cannot be used. Can anyone help me about this? I am using beautifulsoup library for parsing and than save in DB. if i comment the save statement, than still it takes time so there is no problem with database. def parse(self,text): soup = BeautifulSoup(text) arr = soup.findAll('tbody') for i in range(0,len(arr)-1): data=Data() soup2 = BeautifulSoup(str(arr[i])) arr2 = soup2.findAll('td') c=0 for j in arr2: if str(j).find("<a href=") > 0: data.sourceURL = self.getAttributeValue(str(j),'<a href="') else: if c == 2: data.Hits=j.renderContents() #and few others... #... c = c+1 data.save() Any suggestions? Note: I already ask this question here but that was closed due to incomplete information.

    Read the article

  • Failed to execute stored procedure from the JDBC code using mysql connection

    - by Purushotham
    Hi, I have one database. I executed a stored procedure on it. I wrote some JDBC code to connect to this database. When I am calling this stored procedure from my JDBC code it is throwing SQLException. One interesting thing I found is that I have one user other than root user. This user has all the privileges to this database where the stored procedure is present. When I use the root user I am able to call the stored procedure successfully. But with the other user I am getting SQLexception. I am not able to find why it happens like this. For sure I want this user(other than root) has to call this stored procedure successfully. Thanks in advance.

    Read the article

  • ideas: per-file authentication in order to download

    - by suIIIha
    i would love to use mod_xsendfile but i live in a shared environment which does not provide such a module. processing large files such as videos through a server-side script and sending it to the browser that way seems to be unacceptable in my case, so i am looking for a way to enable per-file authentication in such a way that is not going to consume resources much. nobody shall know what the actual path is to the file they are downloading. please suggest how to do that.

    Read the article

  • About This Code

    - by the-ifl
    Hi Guys , well I have a simple and a stupid question !! in this code what is the role of the symbol "%3d"...I Now That % mean refer To Variable ...... This is The Code : #include <stdio.h> int main(void) { int t, i, num[3][4]; for(t=0; t<3; ++t) for(i=0; i<4; ++i) num[t][i] = (t*4)+i+1; /* now print them out */ for(t=0; t<3; ++t) { for(i=0; i<4; ++i) printf("%3d ", num[t][i]); printf("\n"); } return 0; }

    Read the article

  • Is it safe to display user input as input values without sanitation?

    - by Svish
    Say we have a form where the user types in various info. We validate the info, and find that something is wrong. A field is missing, invalid email, et cetera. When displaying the form to the user again I of course don't want him to have to type in everything again so I want to populate the input fields. Is it safe to do this without sanitation? If not, what is the minimum sanitation that should be done first? And to clearify: It would of course be sanitized before being for example added to a database or displayed elsewhere on the site.

    Read the article

  • FileSystemWatcher surpassing Active Directory restrictions

    - by DevexPP
    While experimenting with FileSystemWatcher, I've found out that it somehow surpasses Active Directory's restrictions to files and folders, and will raise change events with information about what has changed in files and folders that you don't even have access to. I have two questions about that: 1) Why does this happen ? 2) Is this a problem in the AD configuration ? how do I fix it ? 3) Is there any way to gather these files, or even create a FileSystemInfo of them to get more info about the files (not only the changes made on them) ? As far as I've tried, only the FileSystemWatcher immune to the restrictions, I can't run any other thing over it, here's a list of what I've tried: File.Exists Directory.Exists FileInfo instance on found files DirectoryInfo instance on found files File.Copy File.Delete

    Read the article

  • get_called_class hack not working with eval-code.

    - by Ekampp
    Hi there. I am using a ge_called_class hack for allowing late static binding in php version 5.2 (found here). I have the following in my code: # db_record.php $ac = "ForumThread"; $objects = $ac::find("all"); This will not work in php 5.2 for some reason, so I have done this: # db_record.php $ac = "ForumThread"; eval("\$objects = {$ac}::find('all');"); This on the other hand will not work with the get_called_class function. I get an error that the file function can't read the evaled section of code. So how do I solve this problem? Best regards.

    Read the article

  • How to limit setAccessible to only "legitimate" uses?

    - by polygenelubricants
    The more I learned about the power of setAccessible, the more astonished I am at what it can do. This is adapted from my answer to the question (Using reflection to change static final File.separatorChar for unit testing). import java.lang.reflect.*; public class EverythingIsTrue { static void setFinalStatic(Field field, Object newValue) throws Exception { field.setAccessible(true); Field modifiersField = Field.class.getDeclaredField("modifiers"); modifiersField.setAccessible(true); modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL); field.set(null, newValue); } public static void main(String args[]) throws Exception { setFinalStatic(Boolean.class.getField("FALSE"), true); System.out.format("Everything is %s", false); // "Everything is true" } } You can do truly outrageous stuff: public class UltimateAnswerToEverything { static Integer[] ultimateAnswer() { Integer[] ret = new Integer[256]; java.util.Arrays.fill(ret, 42); return ret; } public static void main(String args[]) throws Exception { EverythingIsTrue.setFinalStatic( Class.forName("java.lang.Integer$IntegerCache") .getDeclaredField("cache"), ultimateAnswer() ); System.out.format("6 * 9 = %d", 6 * 9); // "6 * 9 = 42" } } Presumably the API designers realize how abusable setAccessible can be, but must have conceded that it has legitimate uses to provide it. So my questions are: What are the truly legitimate uses for setAccessible? Could Java has been designed as to NOT have this need in the first place? What would the negative consequences (if any) of such design be? Can you restrict setAccessible to legitimate uses only? Is it only through SecurityManager? How does it work? Whitelist/blacklist, granularity, etc? Is it common to have to configure it in your applications?

    Read the article

  • Php code works on guest os but doesn't work on host os

    - by Ieyasu Sawada
    Can you give me some guide on how to determine whats the problem if the same piece of code works on guest os. And doesn't work on the host os? I've created the project on Windows 7 but now it seems to be working on XP only. Here's what I have installed on the host os(Windows 7): And here's what I got on the guest os: And here's the screenshot. The guest os and host os side by side: Other things which are the same: php version mysql version apache same data stored on the database Here's the code of checkout.php: http://cu.pastebin.com/YeBR9rTs Forgive me if its messy.

    Read the article

  • Copy and pasting code into the Python interpreter

    - by wpeters
    There is a snippet of code that I would like to copy and paste into my Python interpreter. Unfortunately due to Python's sensitivity to whitespace it is not straightforward to copy and paste it a way that makes sense. (I think the whitespace gets mangled) Is there a better way? Maybe I can load the snippet from a file. This is just an small example but if there is a lot of code I would like to avoid typing everything from the definition of the function or copy and pasting line by line. class bcolors: HEADER = '\033[95m' OKBLUE = '\033[94m' OKGREEN = '\033[92m' WARNING = '\033[93m' FAIL = '\033[91m' ENDC = '\033[0m' def disable(self): self.HEADER = '' # I think stuff gets mangled because of the extra level of indentation self.OKBLUE = '' self.OKGREEN = '' self.WARNING = '' self.FAIL = '' self.ENDC = ''

    Read the article

  • Secure password transmission over unencrypted tcp/ip

    - by academicRobot
    I'm in the designing stages of a custom tcp/ip protocol for mobile client-server communication. When not required (data is not sensitive), I'd like to avoid using SSL for overhead reasons (both in handshake latency and conserving cycles). My question is, what is the best practices way of transmitting authentication information over an unencrypted connection? Currently, I'm liking SRP or J-PAKE (they generate secure session tokens, are hash/salt friendly, and allow kicking into TLS when necessary), which I believe are both implemented in OpenSSL. However, I am a bit wary since I don't see many people using these algorithms for this purpose. Would also appreciate pointers to any materials discussing this topic in general, since I had trouble finding any.

    Read the article

  • Porting C++-code from Windows to Unix: systemcalls colliding with name of functions

    - by marvin2k
    Hi I'm porting some crufty C++ Windows-code to Linux, which uses functions called "open" and "close" inside every class... Very bad style, or? Luckily that wasn't a problem in windows, since their systemcalls are named different. When I try to call the systemcalls open() or close() I'm getting some compiler error about "no matching function for call for class:open()". I can't rename all our functions named "class::open" and "class::close" in the whole code, and I have to use open() and close() since I'm working with serial ports. So my question is: How can I tell the compiler, which open I mean? How can I escape or hide the namespace of a class in C++?

    Read the article

  • Accessing Identity.AuthenticationType

    - by Tewr
    While implementing a custom authentication type in a wcf service, I'm trying to read the property IIdentity.AuthenticationType using the call Thread.CurrentPrincipal.Identity.AuthenticationType. Unless the account running the service is local administrator, UnauthorizedAccessException is thrown when accessing this property, much like described in this support thread. I can however reset the Thread.CurrentPrincipalobject without hassle, thus altering the Authentication Type - But read it, I cannot. Is running as an administrator the only way here or is there some trick to let the user running the service "just" access this property?

    Read the article

  • Detecting use after free() on windows.

    - by The Rook
    I'm trying to detect "Use after free()" bugs, otherwise known as "Dangling pointers". I know Valgrind can be used to detect "Use after free" bugs on the *nix platform, but what about windows? What if I don't have the source? Is there a better program than Valgrind for detecting all dangling pointers in a program? A free and open source would be preferred , but I'll use a commercial solution if it will get the job done.

    Read the article

  • Simple wrapping of C code with cython

    - by Jose
    Hi, I have a number of C functions, and I would like to call them from python. cython seems to be the way to go, but I can't really find an example of how exactly this is done. My C function looks like this: void calculate_daily ( char *db_name, int grid_id, int year, double *dtmp, double *dtmn, double *dtmx, double *dprec, double *ddtr, double *dayl, double *dpet, double *dpar ) ; All I want to do is to specify the first three parameters (a string and two integers), and recover 8 numpy arrays (or python lists. All the double arrays have N elements). My code assumes that the pointers are pointing to an already allocated chunk of memory. Also, the produced C code ought to link to some external libraries.

    Read the article

  • PHP: Safe way to store decryptable passwords

    - by Jammer
    I'm making an application in PHP and there is a requirement that it must be possible to decrypt the passwords in order to avoid problems in the future with switching user database to different system. What encryption/decryption algorithm would you suggest? Is it good idea to just store the encrypted value and then compare the future authentication attempts to that value? Are the passwords still as safe as MD5/SHA1 when the private key is not available to the attacker (Hidden in USB drive for example)? I should still use salting, right? What encryption libraries should I use for PHP?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 314 315 316 317 318 319 320 321 322 323 324 325  | Next Page >