Search Results

Search found 15403 results on 617 pages for 'request querystring'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 337/617 | < Previous Page | 333 334 335 336 337 338 339 340 341 342 343 344  | Next Page >

  • Blind Injection [closed]

    - by Ajay
    Blind SQL Injection Severity: High Test Type: Application Vulnerable URL: Remediation Tasks: Filter out hazardous characters from user input Variant 1 of 2 [ID=12654] The following changes were applied to the original request: • Set parameter 'nm's value to 'Demography'%20and%20'foobar'='foobar'

    Read the article

  • WCF Authentication Error

    - by Timmy O' Tool
    I'm accessing a third party WCF service (I have no access to the service configuration) We're using SSL certificates for the authentication. I'm getting this error when trying to access to any of the provided methods The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM I checked many google links and no luck so far- No idea what else to check on my side.

    Read the article

  • EOF error using recv in python

    - by tipu
    I am doing this in my code, HOST = '192.168.1.3' PORT = 50007 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((HOST, PORT)) query_details = {"page" : page, "query" : query, "type" : type} s.send(str(query_details)) #data = eval(pickle.loads(s.recv(4096))) data = s.recv(16384) But I am continually getting EOF at the last line. The code I am sending with, self.request.send(pickle.dumps(results))

    Read the article

  • Why does OpenID look so hard to implement?

    - by user198729
    I read through this post: http://stackoverflow.com/questions/741345/how-do-i-implement-direct-identity-based-openid-authentication-with-zend-openid Why does it look so complicated to implement? IMO, it's just to send request to a remote site and retrieve the response. What's the problem those OpenID libraries are dealing with?

    Read the article

  • Defined variables and arrays vs functions in php

    - by Frank Presencia Fandos
    Introduction I have some sort of values that I might want to access several times each page is loaded. I can take two different approaches for accessing them but I'm not sure which one is 'better'. Three already implemented examples are several options for the Language, URI and displaying text that I describe here: Language Right now it is configured in this way: lang() is a function that returns different values depending on the argument. Example: lang("full") returns the current language, "English", while lang() returns the abbreviation of the current language, "en". There are many more options, like lang("select"), lang("selectact"), etc that return different things. The code is too long and irrelevant for the case so if anyone wants it just ask for it. Url The $Url array also returns different values depending on the request. The whole array is fully defined in the beginning of the page and used to get shorter but accurate links of the current page. Example: $Url['full'] would return "http://mypage.org/path/to/file.php?page=1" and $Url['file'] would return "file.php". It's useful for action="" within the forms and many other things. There are more values for $Url['folder'], $Url['file'], etc. Same thing about the code, if wanted, just request it. Text [You can skip this section] There's another array called $Text that is defined in the same way than $Url. The whole array is defined at the beginning, making a mysql call and defining all $Text[$i] for current page with a while loop. I'm not sure if this is more efficient than multiple calls for a single mysql cell. Example: $Text['54'] returns "This is just a test array!" which this could perfectly be implemented with a function like text(54). Question With the 3 examples you can see that I use different methods to do almost the same function (no pun intended), but I'm not sure which one should become the standard one for my code. I could create a function called url() and other called text() to output what I want. I think that working with functions in those cases is better, but I'm not sure why. So I'd really appreciate your opinions and advice. Should I mix arrays and functions in the way I described or should I just use funcions? Please, base your answer in this: The source needs to be readable and reusable by other developers Resource consumption (processing, time and memory). The shorter the code the better. The more you explain the reasons the better. Thank you PS, now I know the differences between $Url and $Uri.

    Read the article

  • htaccess redirect to a relative location

    - by stanleyxu2005
    Hi All, On my development server, there are many web projects, like: development_server/proj_a/fldr1 development_server/proj_b/fldr1 There projects are deployed onto different productive server, like proj_a_server/fldr1 proj_b_server/fldr1 Now I want to redirect request to fldr1 to other_fldr On development server, I write: Redirect permanent /proj_a/fldr1 /proj_a/other_fldr But on productive server, I should write: Redirect permanent /fldr1 /other_fldr The question is that, can I redirect a relative path? Redirect permanent fldr1 other_fldr

    Read the article

  • Nonblocking io webserver/framework for java

    - by SeekingNonblockingIo
    Does anyone know of any node.js style webserver framework for java? I realized that having nonblocking callback behavior while handling a web request will require deep support at the webserver level. I am interested in node.js, but when I have a web server that ends up persisting data, I would like to take advantage of the static type system that Java offers. However, I want the scalability of non-blocking io.

    Read the article

  • Authenticating users in iPhone app

    - by Myron
    I'm developing an HTTP api for our web application. Initially, the primary consumer of the API will be an iPhone app we're developing, but I'm designing this with future uses in mind (such as mobile apps for other platforms). I'm trying to decide on the best way to authenticate users so they can access their accounts from the iPhone. I've got a design that I think works well, but I'm no security expert, so I figured it would be good to ask for feedback here. The design of the user authentication has 3 primary goals: Good user experience: We want to allow users to enter their credentials once, and remain logged in indefinitely, until they explicitly log out. I would have considered OAuth if not for the fact that the experience from an iPhone app is pretty awful, from what I've heard (i.e. it launches the login form in Safari, then tells the user to return to the app when authentication succeeds). No need to store the user creds with the app: I always hate the idea of having the user's password stored in either plain text or symmetrically encrypted anywhere, so I don't want the app to have to store the password to pass it to the API for future API requests. Security: We definitely don't need the intense security of a banking app, but I'd obviously like this to be secure. Overall, the API is REST-inspired (i.e. treating URLs as resources, and using the HTTP methods and status codes semantically). Each request to the API must include two custom HTTP headers: an API Key (unique to each client app) and a unique device ID. The API requires all requests to be made using HTTPS, so that the headers and body are encrypted. My plan is to have an api_sessions table in my database. It has a unique constraint on the API key and unique device ID (so that a device may only be logged into a single user account through a given app) as well as a foreign key to the users table. The API will have a login endpoint, which receives the username/password and, if they match an account, logs the user in, creating an api_sessions record for the given API key and device id. Future API requests will look up the api_session using the API key and device id, and, if a record is found, treat the request as being logged in under the user account referenced by the api_session record. There will also be a logout API endpoint, which deletes the record from the api_sessions table. Does anyone see any obvious security holes in this?

    Read the article

  • Render a template in Ramaze

    - by pkulak
    I've got a template for a partial that I'd like to use and I'm wondering if it's possible to just render the thing without needing to send a mock request to a controller. I'm never going to need to render this to an AJAX call, so it seems silly to set up a controller and action, not to mention the security issues with making a private partial open to the world.

    Read the article

  • browser instant updates with ajax/jquery

    - by wcpro
    I'm trying to reverse engineer how facebook handles their notifications, where when you get a message you get instantly notified via the browser. I've fiddled with it for a little bit and realized that there is always a pending GET request "listening" if you will to some sort of update from the server. This appears to be some sort of observer pattern. I was just wondering if this pattern was documented somewhere.

    Read the article

  • is there a proper way to handle multiple errors/exceptions?

    - by toPeerOrNotToPeer
    in OO programming, is there some conceptual pattern, ideas, about handling multiple errors? for example, i have a method that performs some checks and should return an error message for each error found ['name is too short', 'name contains invalid unicode sequences', 'name is too long'] now, should i use an array of exceptions (not thrown exceptions)? or something like this is better: class MyExceptionList extends Exception{ public Void addException(Exception e){} public Array getExceptions(){} } any theory behind this argument will be appreciated! (this isn't a request about a specific programming language, but a pure theoretical one) thank you in advance

    Read the article

  • Best way to write an image to a Django HttpResponse()

    - by k-g-f
    I need to serve images securely to validated users only (i.e. they can't be served as static files). I currently have the following Python view in my Django project, but it seems inefficient. Any ideas for a better way? def secureImage(request,imagePath): response = HttpResponse(mimetype="image/png") img = Image.open(imagePath) img.save(response,'png') return response (Image is imported from PIL.)

    Read the article

  • jQuery Selectable only select 1 and get a value?

    - by jphenow
    This might seem like an odd request but I'd like to use jQuery's Selectable tool to only select one item at a time and I'd like it to show me a value I'll have within each tag. At the very least I want the contents of that selection. Has anyone tried to do this? For some reason these little things seem to not be all that easily findable in their API for it.

    Read the article

  • Program for WIndows Embedded

    - by Syma
    Hi, We have request from our clients to provide a POS terminal version of our web-based software. They want to be able to enter record to their database from POS terminal (via web service) instead of using PC browser. I am the one to develop this application, as I am the lead developer of the main application. I haven't done any Windows embedded programming or .net compact edition before and would appreciate link to good tutorial or info on how to start developing for Windows CE 6.0 enabled POS terminal or device. Thanks

    Read the article

  • Is there a max size for POST parameter content?

    - by l3dx
    I'm troubleshooting a java app where XML is sent between two systems using HTTP POST and a servlet. I suspect that the problem is that the XML is growing way to big. Is it possible that this is the problem? Is there a limit? When it doesn't work, the request.getParameter("message") on the consumer side will return null. Both apps are running on tomcat

    Read the article

  • Download File from server that uses Icefaces form based authentication

    - by user266443
    I am a newbie to ICEfaces and i have a requirement where i need to download a document from a given url (http://ipaddress/formexec?objectid=201). This URL uses a form based authentication that is deployed through ICEFaces. i tracked the request of this URL and i get the following line: &ice.submit.partial=false&ice.event.target=loginForm%3Aj_id33&ice.event.captured=loginForm%3Aj_id33 Is there any libraries or code to download the document by successfully passing the username and password.

    Read the article

  • Log files legal aspect?

    - by relwarc
    I like data. That is why I add a standalone PHP script which logs all relevant HTTP variables like: Date of visit IP User-agent Request URI Referer Am I allowed to store all this in non-public text files? Am I allowed to evaluate the data? What am I allowed to do with the log files? Do I have to delete them after some time?

    Read the article

  • Django: How to write the reverse function for the following

    - by ninja123
    The urlconf and view is as follows: url(r'^register/$', register, { 'backend': 'registration.backends.default.DefaultBackend' }, name='registration_register'), def register(request, backend, success_url=None, form_class=None, disallowed_url='registration_disallowed', template_name='registration/registration_form.html', extra_context=None): What i want to do is redirect users to the register page and specify a success_url. I tried reverse('registration.views.register', kwargs={'success_url':'/test/' }) but that doesn't seem to work. I've been trying for hours and can't get my mind around getting it right. Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 333 334 335 336 337 338 339 340 341 342 343 344  | Next Page >