Search Results

Search found 9634 results on 386 pages for 'proxy pattern'.

Page 337/386 | < Previous Page | 333 334 335 336 337 338 339 340 341 342 343 344  | Next Page >

• C# client to Java web service

  - by tomislavg

  I have received wsdl file from outside company. I'm using VS2005 c#. With wsdl.exe I have created class containing methods and types for the given web service. To connect to the service outside company requires that certificate from the smart card is inputed in the header. I think i have achieved this with service.ClientCertificates.Add("Path to exported cert" - at least for now, after probably later i will take it from Certificate Store When service is called there are three steps that are taken and visible by the Fidller(Web Debugging Proxy)). service is called on the url http://test.company.com/webservice.wsdl service redirects the request to certificate server and pin needs to be inputed to get cookie for the server service is again redirected to url http://test.company.com/webservice.wsdl At point 1. I can see that my request send to the server contains .... but at point 3. i can not see request` just a empty string. The exception is thrown Msg: Possible SOAP version mismatch: Envelope namespace http://schemas.xmlsoap.org/wsdl/ was unexpected. Expecting http://schemas.xmlsoap.org/soap/envelope/. Does somebody have an example how to connect to java web service with certificate and AlowRedirect enabled for the web service? Any ideas what i am doing wrong are more that welcome.

  Read the article

• Key Tips in WPF

  - by Brad Leach

  Office 2007 and the Ribbon introduced the concept of "Key Tips". In short, every single command in the Ribbon receives a letter which you can press to activate that command. ... The letters are indicated by small "KeyTips" which indicate the letter to press to activate the control. KeyTips are displayed using the Alt key, so using them feels similar to how menu navigation works in Windows. (Source: http://blogs.msdn.com/jensenh/archive/2006/04/12/574930.aspx) An example of the Key Tips can be shown as follows. In this diagram, the use has pressed the ALT key, and is awaiting further input. Are there any WPF Open Source examples of "Key Tips"? How would you go about implementing something like this feature in a generic way (i.e. not requiring a Ribbon)? How would you implement this using a MVVM pattern (given that ICommand does not support InputBindings). Note: ActiPro have implemented this feature in their implementation of a Ribbon, but they have not released source code.

  Read the article

• How to lazy load scripts in YUI that accompany ajax html fragments

  - by Chris Beck

  I have a web app with Tabs for Messages and Contacts (think gmail). Each Tab has a Y.on('click') event listener that retrieves an HTML fragment via Y.io() and renders the fragment via node.setContent(). However, the Contact Tab also requires contact.js to enable an Edit button in the fragment. How do I defer the cost of loading contact.js until the user clicks on the Contacts tab? How should contact.js add it's listener to the Edit button? The Complete function of my Tab's on('click') event could serialize Get.script('contact.js') after Y.io('fragment'). However, for better performance, I would prefer to download the script in parallel to downloading the HTML fragment. In that case, I would need to defer adding an event listener to the Edit button until the Edit button is available. This seems like a common RIA design pattern. What is the best way to implement this with YUI? How should I get the script? How should I defer sections of the script until elements in the fragment are available in the DOM?

  Read the article

• Avoiding anemic domain model - a real example

  - by cbp

  I am trying to understand Anemic Domain Models and why they are supposedly an anti-pattern. Here is a real world example. I have an Employee class, which has a ton of properties - name, gender, username, etc public class Employee { public string Name { get; set; } public string Gender { get; set; } public string Username { get; set; } // Etc.. mostly getters and setters } Next we have a system that involves rotating incoming phone calls and website enquiries (known as 'leads') evenly amongst sales staff. This system is quite complex as it involves round-robining enquiries, checking for holidays, employee preferences etc. So this system is currently seperated out into a service: EmployeeLeadRotationService. public class EmployeeLeadRotationService : IEmployeeLeadRotationService { private IEmployeeRepository _employeeRepository; // ...plus lots of other injected repositories and services public void SelectEmployee(ILead lead) { // Etc. lots of complex logic } } Then on the backside of our website enquiry form we have code like this: public void SubmitForm() { var lead = CreateLeadFromFormInput(); var selectedEmployee = Kernel.Get<IEmployeeLeadRotationService>() .SelectEmployee(lead); Response.Write(employee.Name + " will handle your enquiry. Thanks."); } I don't really encounter many problems with this approach, but supposedly this is something that I should run screaming from because it is an Anemic Domain Model. But for me its not clear where the logic in the lead rotation service should go. Should it go in the lead? Should it go in the employee? What about all the injected repositories etc that the rotation service requires - how would they be injected into the employee, given that most of the time when dealing with an employee we don't need any of these repositories?

  Read the article

• How to prevent multiple registrations?

  - by GG.

  I develop a political survey website where anyone can vote once. Obviously I have to prevent multiple registrations for the survey remains relevant. Already I force every user to login with their Google, Facebook or Twitter account. But they can authenticate 3 times if they have an account on each, or authenticate with multiple accounts of the same platform (I have 3 accounts on Google). So I thought also store the IP address, but they can still go through a proxy... I thought also keep the HTTP User Agent with PHP's get_browser(), although they can still change browsers. I can extract the OS with a regex, to change OS is less easier than browsers. And there is also geolocation, for example with the Google Map API. So to summarize, several ideas: 1 / SSO Authentication (I keep the email) 2 / IP Address 3 / HTTP User Agent 4 / Geolocation with an API Have you any other ideas that I did not think? How to embed these tests? Execute in what order? Have you already deploy this kind of solution?

  Read the article

• How to configure database connection securely

  - by chiccodoro

  Similar but not the same: How to securely store database connection details Securely connecting to database within a application Hi all, I have a C# WinForms application connecting to a database server. The database connection string, including a generic user/pass, is placed in a NHibernate configuration file, which lies in the same directory as the exe file. Now I have this issue: The user that runs the application should not get to know the username/password of the general database user because I don't want him to rummage around in the database directly. Alternatively I could hardcode the connection string, which is bad because the administrator must be able to change it if the database is moved or if he wants to switch between dev/test/prod environments. So long I've found three possibilities: The first referenced question was generally answered by making the file only readable for the user that runs the application. But that's not not enough in my case (the user running the application is a person. The database user/pass are general and shouldn't even be accessible by the person.) The first answer additionally proposed to encrypt the connection data before writing it to the file. With this approach, the administrator is not able anymore to configure the connection string because he cannot encrypt it by hand. The second referenced question provides an approach for this very scenario but it seems very complicated. My questions to you: This is a very general issue, so isn't there any general "how-to-do-it" way, somehow a "design pattern"? Is there some support in .NET's config infrastructure? (optional, maybe out of scope) Can I combine that easily with the NHibernate configuration mechanism?

  Read the article

• Webpage data scraping using Java

  - by Gemma

  I am now trying to implement a simple HTML webpage scraper using Java.Now I have a small problem. Suppose I have the following HTML fragment. <div id="sr-h-left" class="sr-comp"> <a class="link-gray-underline" id="compare_header" rel="nofollow" href="javascript:i18nCompareProd('/serv/main/buyer/ProductCompare.jsp?nxtg=41980a1c051f-0942A6ADCF43B802');"> <span style="cursor: pointer;" class="sr-h-o">Compare</span> </a> </div> <div id="sr-h-right" class="sr-summary"> <div id="sr-num-results"> <div class="sr-h-o-r">Showing 1 - 30 of 1,439 matches, The data I am interested is the integer 1.439 shown at the bottom.I am just wondering how can I get that integer out of the HTML. I am now considering using a regular expression,and then use the java.util.Pattern to help get the data out,but still not very clear about the process. I would be grateful if you guys could give me some hint or idea on this data scraping. Thanks a lot.

  Read the article

• At what line in the following code should I be commiting my UnitOfWork ?

  - by Pure.Krome

  Hi folks, I have the following code which is in a transaction. I'm not sure where/when i should be commiting my unit of work. If someone knows where, can they please explain WHY they have said, where? (i'm trying to understand the pattern through example(s), as opposed to just getting my code to work). Here's what i've got :- using (TransactionScope transactionScope = new TransactionScope(TransactionScopeOption.RequiresNew, new TransactionOptions { IsolationLevel = IsolationLevel.ReadUncommitted })) { _logEntryRepository.InsertOrUpdate(logEntry); //_unitOfWork.Commit(); // Here, commit #1 ? // Now, if this log entry was a NewConnection or an LostConnection, then we need to make sure we update the ConnectedClients. if (logEntry.EventType == EventType.NewConnection) { _connectedClientRepository.Insert(new ConnectedClient { LogEntryId = logEntry.LogEntryId }); //_unitOfWork.Commit(); // Here, commit #2 ? } // A (PB) BanKick does _NOT_ register a lost connection .. so we need to make sure we handle those scenario's as a LostConnection. if (logEntry.EventType == EventType.LostConnection || logEntry.EventType == EventType.BanKick) { _connectedClientRepository.Delete(logEntry.ClientName, logEntry.ClientIpAndPort); //_unitOfWork.Commit(); // Here, commit #3 ? } _unitOfWork.Commit(); // Here, commit #4 ? transactionScope.Complete(); } Cheers :)

  Read the article

• Java method keyword "final" and its use

  - by Lukas Eder

  When I create complex type hierarchies (several levels, several types per level), I like to use the final keyword on methods implementing some interface declaration. An example: interface Garble { int zork(); } interface Gnarf extends Garble { /** * This is the same as calling {@link #zblah(0)} */ int zblah(); int zblah(int defaultZblah); } And then abstract class AbstractGarble implements Garble { @Override public final int zork() { ... } } abstract class AbstractGnarf extends AbstractGarble implements Gnarf { // Here I absolutely want to fix the default behaviour of zblah // No Gnarf shouldn't be allowed to set 1 as the default, for instance @Override public final int zblah() { return zblah(0); } // This method is not implemented here, but in a subclass @Override public abstract int zblah(int defaultZblah); } I do this for several reasons: It helps me develop the type hierarchy. When I add a class to the hierarchy, it is very clear, what methods I have to implement, and what methods I may not override (in case I forgot the details about the hierarchy) I think overriding concrete stuff is bad according to design principles and patterns, such as the template method pattern. I don't want other developers or my users do it. So the final keyword works perfectly for me. My question is: Why is it used so rarely in the wild? Can you show me some examples / reasons where final (in a similar case to mine) would be very bad?

  Read the article

• Best practices for managing updating a database with a complex set of changes

  - by Sarge

  I am writing an application where I have some publicly available information in a database which I want the users to be able to edit. The information is not textual like a wiki but is similar in concept because the edits bring the public information increasingly closer to the truth. The changes will affect multiple tables and the update needs to be automatically checked before affecting the public tables. I'm working on the design and I'm wondering if there are any best practices that might help with some particular issues. I want to provide undo capability. I want to show the user the combined result of all their changes. When the user says they're done, I need to check the underlying public data to make sure it hasn't been changed by somebody else. My current plan is to have the user work in a set of tables setup to be a private working area. Once they're ready they can kick off a process to check everything and update the public tables. Undo can be recorded using Command pattern saving to a table. Are there any techniques I might have missed or useful papers or patterns? Thanks in advance!

  Read the article

• WPF: How to connect to a sql ce 3.5 database with ADO.NET?

  - by EV

  Hi, I'm trying to write an application that has two DataGrids - the first one displays customers and the second one selected customer's records. I have generated the ADO.NET Entity Model and the connection property are set in App.config file. Now I want to populate the datagrids with the data from sql ce 3.5 database which does not support LINQ-TO-SQL. I used this code for the first datagrid in code behind: CompanyDBEntities db; private void Window_Loaded(object sender, RoutedEventArgs e) { db = new CompanyDBEntities(); ObjectQuery<Employees> departmentQuery = db.Employees; try { // lpgrid is the name of the first datagrid this.lpgrid.ItemsSource = departmentQuery; } catch (Exception ex) { MessageBox.Show(ex.Message); } However, the datagrid is empty although there are records in a database. It would also be better to use it in MVVM pattern but I'm not sure how does the ado.net and MVVM work together and if it is even possible to use them like that. Could anyone help? Thanks in advance.

  Read the article

• Castle Active Record - Working with the cache

  - by David

  Hi All, im new to the Castle Active Record Pattern and Im trying to get my head around how to effectivley use cache. So what im trying to do (or want to do) is when calling the GetAll, find out if I have called it before and check the cache, else load it, but I also want to pass a bool paramter that will force the cache to clear and requery the db. So Im just looking for the final bits. thanks public static List<Model.Resource> GetAll(bool forceReload) { List<Model.Resource> resources = new List<Model.Resource>(); //Request to force reload if (forceReload) { //need to specify to force a reload (how?) XmlConfigurationSource source = new XmlConfigurationSource("appconfig.xml"); ActiveRecordStarter.Initialize(source, typeof(Model.Resource)); resources = Model.Resource.FindAll().ToList(); } else { //Check the cache somehow and return the cache? } return resources; } public static List<Model.Resource> GetAll() { return GetAll(false); }

  Read the article

• UNIX-style RegExp Replace running extremely slowly under windows. Help? EDIT: Negative lookahead ass

  - by John Sullivan

  I'm trying to run a unix regEXP on every log file in a 1.12 GB directory, then replace the matched pattern with ''. Test run on a 4 meg file is took about 10 minutes, but worked. Obviously something is murdering performance by several orders of magnitude. Find: ^(?!.*155[0-2][0-9]{4}\s.*).*$ -- NOTE: match any line NOT starting 155[0-2]NNNN where in is a number 0-9. Replace with: ''. Is there some justifiable reason for my regExp to take this long to replace matching text, or is the program I am using (this is windows / a program called "grepWin") most likely poorly optimized? Thanks. UPDATE: I am noticing that searching for ^(155[0-2]).$ takes ~7 seconds in a 5.6 MB file with 77 matches. Adding the Negative Lookahead Assertion, ?=, so that the regExp becomes ^(?!155[0-2]).$ is causing it to take at least 5-10 minutes; granted, there will be thousands and thousands of matches. Should the negative lookahead assertion be extremely detrimental to performance, and/or a large quantity of matches?

  Read the article

• Better way to call superclass method in ExtJS

  - by Rene Saarsoo

  All the ExtJS documentation and examples I have read suggest calling superclass methods like this: MyApp.MyPanel = Ext.extend(Ext.Panel, { initComponent: function() { // do something MyPanel specific here... MyApp.MyPanel.superclass.initComponent.call(this); } }); I have been using this pattern for quite some time and the main problem is, that when you rename your class then you also have to change all the calls to superclass methods. That's quite inconvenient, often I will forget and then I have to track down strange errors. But reading the source of Ext.extend() I discovered, that instead I could use the superclass() or super() methods that Ext.extend() adds to the prototype: MyApp.MyPanel = Ext.extend(Ext.Panel, { initComponent: function() { // do something MyPanel specific here... this.superclass().initComponent.call(this); } }); In this code renaming MyPanel to something else is simple - I just have to change the one line. But I have doubts... I haven't seen this documented anywhere and the old wisdom says, I shouldn't rely on undocumented behaviour. I didn't found a single use of these superclass() and supr() methods in ExtJS source code. Why create them when you aren't going to use them? Maybe these methods were used in some older version of ExtJS but are deprecated now? But it seems such a useful feature, why would you deprecate it? So, should I use these methods or not?

  Read the article

• NHibernate Session DI from StructureMap in components

  - by Corey Coogan

  I know this is somewhat of a dead horse, but I'm not finding a satisfactory answer. First let me say, I am NOT dealing with a web app, otherwise managing NH Session is quite simple. I have a bunch of enterprise components. Those components have their own service layer that will act on multiple repositories. For example: Claim Component Claim Processing Service Claim Repository Billing Component Billing Service Billing REpository Policy Component PolicyLockService Policy Repository Now I may have a console, or windows application that needs to coordinate an operation that involves each of the services. I want to write the services to be injected with (DI) their required repositories. The Repositories should have an ISession, or similar, injected into them so that I can have this operation performed under one ISession/ITransaction. I'm aware of the Unit Of Work pattern and the many samples out there, but none of them showed DI. I'm also leery of [ThreadStatic] because this stuff can also be used from WCF and I have found enough posts describing how to do that. I've read about Business Conversations, but need something simple that each windows/console app can easily bootstrap since we have alot of these apps and some pretty inexperienced developers. So how can I configure StructureMap to inject the same ISession into each of the dependent repositories from an application? Here's a totally contrived and totally made up example without using SM (for clarification only - please don't spend energy critisizing): ConsoleApplication Main { using(ISession session = GetSession()) using(ITransaction trans = session.BeginTransaction()) { var policyRepo = new PolicyRepo(session); var policyService = new PolicyService(policyRepo); var billingRepo = new BillingRepo(session) var billingService = new BillingService(billingRepo); var claimRepo = new ClaimsRepo(session); var claimService = new ClaimService(claimRepo, policyService, billingService); claimService.FileCLaim(); trans.Commit(); } }

  Read the article

• How much of STL is too much?

  - by Darius Kucinskas

  I am using a lot of STL code with std::for_each, bind, and so on, but I noticed that sometimes STL usage is not good idea. For example if you have a std::vector and want to do one action on each item of the vector, your first idea is to use this: std::for_each(vec.begin(), vec.end(), Foo()) and it is elegant and ok, for a while. But then comes the first set of bug reports and you have to modify code. Now you should add parameter to call Foo(), so now it becomes: std::for_each(vec.begin(), vec.end(), std::bind2nd(Foo(), X)) but that is only temporary solution. Now the project is maturing and you understand business logic much better and you want to add new modifications to code. It is at this point that you realize that you should use old good: for(std::vector::iterator it = vec.begin(); it != vec.end(); ++it) Is this happening only to me? Do you recognise this kind of pattern in your code? Have you experience similar anti-patterns using STL?

  Read the article

• How to disable mod_security2 rule (false positive) for one domain on centos 5

  - by nicholas.alipaz

  Hi I have mod_security enabled on a centos5 server and one of the rules is keeping a user from posting some text on a form. The text is legitimate but it has the words 'create' and an html <table> tag later in it so it is causing a false positive. The error I am receiving is below: [Sun Apr 25 20:36:53 2010] [error] [client 76.171.171.xxx] ModSecurity: Access denied with code 500 (phase 2). Pattern match "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" at ARGS:body. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "352"] [id "300015"] [rev "1"] [msg "Generic SQL injection protection"] [severity "CRITICAL"] [hostname "www.mysite.com"] [uri "/node/181/edit"] [unique_id "@TaVDEWnlusAABQv9@oAAAAD"] and here is /usr/local/apache/conf/modsec2.user.conf (line 352) #Generic SQL sigs SecRule ARGS "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" "id:1,rev:1,severity:2,msg:'Generic SQL injection protection'" The questions I have are: What should I do to "whitelist" or allow this rule to get through? What file do I create and where? How should I alter this rule? Can I set it to only be allowed for the one domain, since it is the only one having the issue on this dedicated server or is there a better way to exclude table tags perhaps? Thanks guys

  Read the article

• what kind of relationship is there between a common wall and the rooms that located next to it?

  - by siamak

  I want to know whats the Relationship between a common wall (that are located In an adjoining room ) and the rooms. As i know the relationship between a room and its walls is Composition not Aggregation (am i right ?) And according to the definition of Composition the contained object can't be shared between two containers, whereas in aggregation it is possible. now i am confused that whats the best modeling approach to represent the relationship between a common wall and the rooms located next to it ? It would be highly Appreciated if you could provide your advices with some code. |--------|--------| Approch1: (wall class ---- room class) /Composition Approach2: wall class ----- room class /Aggregation Approch3: we have a wall class and a Common wall class , Common wall class inherits from wall class adjoining room class ---- (1) Common wall class /Aggregation adjoining room class ---- (6) wall class / composition Approach4: I am a developer not a designer :) so this is my idea : class Room { private wall _firstwall ; private wall _secondtwall; private wall _thirdwall ; private wall _commonwall ; public Room( CommonWall commonwall) { _firstwall=new Wall(); _secondtwall=new Wall(); _thirdwall=new Wall(); _commonwall=commonwall; } } Class CommonWall:Wall { //... } // in somewher : static void main() { Wall _commonWall=new Wall(); Room room1=new Room(_commonWall); Room room2=new Room(_commonWall); Room [] adjacentRoom =new Room[2]{room1,room2}; } Edit 1: I think this is a clear question but just for more clarification : The point of the question is to find out whats the best pattern or approach to model a relationship for an object that is a component of two other objects in the same time. and about my example : waht i mean by a "room" ?,surely i mean an enclosed square room with 4 walls and one door.but in this case one of these walls is a common wall and is shared between two adjacent rooms.

  Read the article

• Using Sub-Types And Return Types in Scala to Process a Generic Object Into a Specific One

  - by pr1001

  I think this is about covariance but I'm weak on the topic... I have a generic Event class used for things like database persistance, let's say like this: class Event( subject: Long, verb: String, directobject: Option[Long], indirectobject: Option[Long], timestamp: Long) { def getSubject = subject def getVerb = verb def getDirectObject = directobject def getIndirectObject = indirectobject def getTimestamp = timestamp } However, I have lots of different event verbs and I want to use pattern matching and such with these different event types, so I will create some corresponding case classes: trait EventCC case class Login(user: Long, timestamp: Long) extends EventCC case class Follow( follower: Long, followee: Long, timestamp: Long ) extends EventCC Now, the question is, how can I easily convert generic Events to the specific case classes. This is my first stab at it: def event2CC[T <: EventCC](event: Event): T = event.getVerb match { case "login" => Login(event.getSubject, event.getTimestamp) case "follow" => Follow( event.getSubject, event.getDirectObject.getOrElse(0), event.getTimestamp ) // ... } Unfortunately, this is wrong. <console>:11: error: type mismatch; found : Login required: T case "login" => Login(event.getSubject, event.getTimestamp) ^ <console>:12: error: type mismatch; found : Follow required: T case "follow" => Follow(event.getSubject, event.getDirectObject.getOrElse(0), event.getTimestamp) Could someone with greater type-fu than me explain if, 1) if what I want to do is possible (or reasonable, for that matter), and 2) if so, how to fix event2CC. Thanks!

  Read the article

• wsimport generate a client with cookies

  - by dierre

  I'm generating a client for a SOAP 1.2 service using wsimport from the jaxws-maven-plugin in maven with the following execution: <groupId>org.jvnet.jax-ws-commons</groupId> <artifactId>jaxws-maven-plugin</artifactId> <version>2.2</version> <executions> <execution> <goals> <goal>wsimport</goal> </goals> <configuration> <sourceDestDir>${project.basedir}/src/main/java</sourceDestDir> <wsdlUrls> <wsdlUrl>${webservice.url}</wsdlUrl> </wsdlUrls> <extension>true</extension> </configuration> </execution> The first time the client call the proxy, the load balancer generate a cookie and sends it back. The client should send it back so the load balancer knows where (which server) is dedicated to a specific client (the idea is that the first time the client get a server and the cookie identifies the server, then the load balancer sends the client to the same server for every call) Now, is there a way to tell to the plugin to enable automatically the cookie handling?

  Read the article

• firefox reading web page from local JS file -- access to restricted URI denied, code: 1012, nsresult

  - by macias

  My problem is -- I have a html file which is really JS program, which reads web pages and show them in customized manner (i.e. it displays the same content in a different way). Basically, I create XMLHttpRequest object and then req.open("GET", web_page_address, false); req.send(""); This gives me (in firefox) an error: Error: uncaught exception: [Exception... "Access to restricted URI denied" code: "1012" nsresult: "0x805303f4 (NS_ERROR_DOM_BAD_URI)" I already googled, and looked at SO but all other issues are very similar with those two exceptions: the file I open in firefox is a local file, opened directly in browser -- I don't have www server running at localhost I don't have any control over the web pages I am reading stuff from So, several solutions I've seen so far (like adding PHP proxy, changing the way external server sends data) cannot be applied here. What else can be done in such case? Another story is I am wondering if such strict security for directly local file has any sense. Thank you in advance for tips/links/etc. Have a nice day!

  Read the article

• How can I validate/secure/authenticate a JavaScript-based POST request?

  - by Bungle

  A product I'm helping to develop will basically work like this: A Web publisher creates a new page on their site that includes a <script> from our server. When a visitor reaches that new page, that <script> gathers the text content of the page and sends it to our server via a POST request (cross-domain, using a <form> inside of an <iframe>). Our server processes the text content and returns a response (via JSONP) that includes an HTML fragment listing links to related content around the Web. This response is cached and served to subsequent visitors until we receive another POST request with text content from the same URL, at which point we regenerate a "fresh" response. These POSTs only happen when our cached TTL expires, at which point the server signifies that and prompts the <script> on the page to gather and POST the text content again. The problem is that this system seems inherently insecure. In theory, anyone could spoof the HTTP POST request (including the referer header, so we couldn't just check for that) that sends a page's content to our server. This could include any text content, which we would then use to generate the related content links for that page. The primary difficulty in making this secure is that our JavaScript is publicly visible. We can't use any kind of private key or other cryptic identifier or pattern because that won't be secret. Ideally, we need a method that somehow verifies that a POST request corresponding to a particular Web page is authentic. We can't just scrape the Web page and compare the content with what's been POSTed, since the purpose of having JavaScript submit the content is that it may be behind a login system. Any ideas? I hope I've explained the problem well enough. Thanks in advance for any suggestions.

  Read the article

• How can I make an even more random number in ActionScript 2.0

  - by Theo

  I write a piece of software that runs inside banner ads which generates millions of session IDs every day. For a long time I've known that the random number generator in Flash is't random enough to generate sufficiently unique IDs, so I've employed a number of tricks to get even more random numbers. However, in ActionScript 2.0 it's not easy, and I'm seeing more and more collisions, so I wonder if there is something I've overlooked. As far as I can tell the problem with Math.random() is that it's seeded by the system time, and when you have sufficient numbers of simultaneous attempts you're bound to see collisions. In ActionScript 3.0 I use the System.totalMemory, but there's no equivalent in ActionScript 2.0. AS3 also has Font.enumerateFonts, and a few other things that are different from system to system. On the server side I also add the IP address to the session ID, but even that isn't enough (for example, many large companies use a single proxy server and that means that thousands of people all have the same IP -- and since they tend to look at the same sites, with the same ads, roughly at the same time, there are many session ID collisions). What I need isn't something perfectly random, just something that is random enough to dilute the randomness I get from Math.random(). Think of it this way: there is a certain chance that two people will generate the same random number sequence using only Math.random(), but the chance of two people generating the same sequence and having, say, the exact same list of fonts is significantly lower. I cannot rely on having sufficient script access to use ExternalInterface to get hold of things like the user agent, or the URL of the page. I don't need suggestions of how to do it in AS3, or any other system, only AS2 -- using only what's available in the standard APIs. The best I've come up with so far is to use the list of microphones (Microphone.names), but I've also tried to make some fingerprinting using some of the properties in System.capabilities, I'm not sure how much randomness I can get out of that though so I'm not using that at the moment. I hope I've overlooked something.

  Read the article

• Vim + OmniCppComplete and completing members of class members

  - by Robert S. Barnes

  I've noticed that I can't seem to complete members of class members using OmniCppComplete. For example, given the following files: // foo.h #include <string> class foo { public: void set_str(const std::string &); std::string get_str_reverse( void ); private: std::string str; }; // foo.cpp #include "foo.h" using std::string; string foo::get_str_reverse ( void ) { string temp; temp.assign(str); reverse(temp.begin(), temp.end()); return temp; } /* ----- end of method foo::get_str ----- */ void foo::set_str ( const string &s ) { str.assign(s); } /* ----- end of method foo::set_str ----- */ I've set up tags for stdlibc++ and generated the tags for these two files using: ctags -R --c++-kinds=+pl --fields=+iaS --extra=+q . When I type temp. in the cpp I get a list of string member functions as expected. But if I type str. omnicomplete spits out "Pattern Not Found". I've noticed that the temp. completion only works if I have the using std::string; declaration. How do I get completion to work on my class members?

  Read the article

• Unable to access Java-created file -- sometimes

  - by BlairHippo

  In Java, I'm working with code running under WinXP that creates a file like this: public synchronized void store(Properties props, byte[] data) { try { File file = filenameBasedOnProperties(props); if ( file.exists() ) { return; } File temp = File.createTempFile("tempfile", null); FileOutputStream out = new FileOutputStream(temp); out.write(data); out.flush(); out.close(); file.getParentFile().mkdirs(); temp.renameTo(file); } catch (IOException ex) { // Complain and whine and stuff } } Sometimes, when a file is created this way, it's just about totally inaccessible from outside the code (though the code responsible for opening and reading the file has no problem), even when the application isn't running. When accessed via Windows Explorer, I can't move, rename, delete, or even open the file. Under Cygwin, I get the following when I ls -l the directory: ls: cannot access [big-honkin-filename] total 0 ?????????? ? ? ? ? ? [big-honkin-filename] As implied, the filenames are big, but under the 260-character max for XP (though they are slightly over 200 characters). To further add to the sense the my computer just wants me to feel stupid, sometimes the files created by this code are perfectly normal. The only pattern I've spotted is that once one file in the directory "locks", the rest are screwed. Anybody ever run into something like this before, or have any insights into what's going on here?

  Read the article

< Previous Page | 333 334 335 336 337 338 339 340 341 342 343 344  | Next Page >