Search Results

Search found 25503 results on 1021 pages for 'browser security'.

Page 352/1021 | < Previous Page | 348 349 350 351 352 353 354 355 356 357 358 359 | Next Page >

How to use PAM to restrict HTTP access for some users?

- by MaxB

I've read that PAM can be used to restrict HTTP access for some users, but I can't figure out how to do it in Ubuntu 12.04. The /etc/security/time.conf man page contains this example: All users except for root are denied access to console-login at all times: login ; tty* & !ttyp* ; !root ; !Al0000-2400 For this to work, /etc/pam.d/login needs to have a line account requisite pam_time.so This example works, and I tried to adapt it to limit HTTP access from the console. I added http ; tty* & !ttyp* ; !root ; !Al0000-2400 to /etc/security/time.conf, and created /etc/pam.d/http with account requisite pam_time.so This doesn't work. I can still use wget as non-root from the console.

Read the article
Are there efforts to build a collaboratively edited HTML/JS/DOM reference?

- by Pekka

W3Schools has a reputation of being incomplete, sometimes incorrect, and ridden with advertising; still, when looking to look up some things or link to documentation when answering a SO question, it still is the only handy cross-browser resource. There are other resources like the Mozilla Developer Network that is doing an increasingly great job documenting JavaScript, and the legendary and great Quirksmode. But they, as brilliant as they are, cover only parts of the areas I am talking about, and provide no community editing and quality control options. Is anybody aware of efforts to create a collaboratively edited, cross-browser HTML/CSS/JavaScript/DOM encyclopedia? If you will, I'm thinking of a challenger to W3Schools like SO was to Experts Exchange. (I thought this more suitable on Programmers than on SO proper - please correct me if I'm wrong.)

Read the article
SQL SERVER – ERROR: FIX using Compatibility Level – Database diagram support objects cannot be installed because this database does not have a valid owner – Part 2

- by pinaldave

Earlier I wrote a blog post about how to resolve the error with database diagram. Today I faced the same error when I was dealing with a database which is upgraded from SQL Server 2005 to SQL Server 2008 R2. When I was searching for the solution online I ended up on my own earlier solution SQL SERVER – ERROR: FIX – Database diagram support objects cannot be installed because this database does not have a valid owner. I really found it interesting that I ended up on my own solution. However, the solution to the problem this time was a bit different. Let us see how we can resolve the same. Error: Database diagram support objects cannot be installed because this database does not have a valid owner. To continue, first use the Files page of the Database Properties dialog box or the ALTER AUTHORIZATION statement to set the database owner to a valid login, then add the database diagram support objects. Workaround / Fix / Solution : Follow the steps listed below and it should for sure solve your problem. (NOTE: Please try this for the databases upgraded from previous version. For everybody else you should just follow the steps mentioned here.) Select your database >> Right Click >> Select Properties Go to the Options In the Dropdown at right labeled “Compatibility Level” choose “SQL Server 2005(90)” Select FILE in left side of page In the OWNER box, select button which has three dots (…) in it Now select user ‘sa’ or NT AUTHORITY\SYSTEM and click OK. This will solve your problem. However, there is one very important note you must consider. When you change any database owner, there are always security related implications. I suggest you check your security policies before changing authorization. I did this to quickly solve my problem on my development server. If you are on production server, you may open yourself to potential security compromise. Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: PostADay, SQL, SQL Authority, SQL Error Messages, SQL Query, SQL Server, SQL Tips and Tricks, T SQL

Read the article
eSTEP TechCast: Oracle Solaris 11 Express

- by user797911

Get an insight on how Oracle Solaris 11 Express has raised the bar on the innovation introduced in Oracle Solaris 10. Learn about the new integrated features such as: network based package management tools improvements to built-in virtualization new virtualised network architecture security enhancements file system evolution Learn how Oracle Solaris 11 Express provides greatly decreased planned system downtime, performs a completely safe system upgrade, achieves an unprecedented level of flexibility for application consolidation, and provides the highest levels of security in your datacenter. Date and time: Thursday, 7. July 2011, 13:00 - 14:00 CEST Speaker: Joost Pronk van Hoogeveen Target audience: Tech Presales Webcast Coordinates: You will find the coordinates in the eSTEP portal under the Events tab. Use your email-adress and PIN: eSTEP_2011 to get access. We are happy to get your comments and feedback.

Read the article
Possible problems in a team of programmers [on hold]

- by John

I am a "one man team" ASP.NET C#, SQL, HTML, JQuery programmer that wants to split workload with two other guys. Since I never actually thought of possible issue in a team of programmer, there are actually quite a few that came to my mind. delegating tasks (who works on what which is also very much related to security). I found Team Foundation Service could be helpful with this problem and started reading about it. Are there any alternatives? security (do now want for original code to be reused outside the project) How to prevent programmers from having access to all parts of code, and how to prevent them from using that code outside of project? Is trust or contract the only way?

Read the article
How do Expires headers and cache manifest rules work together?

- by Robert K

I find the W3C's official Offline Web Applications specification to be rather vague about how the cache manifest interacts with headers such as ETag, Expires, or Pragma on cached assets. I know that the manifest should be checked with each request so that the browser knows when to check the other assets for updates. But because the specification doesn't define how the cache manifest interacts with normal cache instructions, I can't predict precisely how the browser will react. Will assets with a future expiration date be refreshed (no matter the cache headers) when the cache manifest is updated? Or, will those assets obey the normal caching rules? Which caching mechanism, HTTP cache versus cache manifest, will take precedence, and when?

Read the article
Trim on encrypted SSD--Urandom first?

- by cb474

My understanding (I'm not sure I'm getting this all right) is that if one uses Trim on an encrypted SSD, it defeats some of the security benefits, because the drive will write zeros to empty space (as files are deleted). See: http://www.askubuntu.com/questions/115823/trim-on-an-encrypted-ssd And: http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html My question is: From the perspective of the performance of the SSD and the functioning of Trim, would it therefore be better to simply zero out the SSD, before setting up an encrypted system, rather than writing random data to the drive, with urandom, as one usually does? Would this basically leave one with the same level of security anyway? And more importantly, would it better enable the Trim functionality to work as intended, with the encrypted SSD?

Read the article
Is obtrusive JavaScript ever ok?

- by Petah

I was thinking that if all the users of a website are required to have JavaScript enabled, Is it ok to use obtrusive JavaScript? I'm all for progressive enhancement, but whats the point when an advanced web applications bounces users at the door if they have an old browser or JavaScript disabled? We have a very slim target audience, and we can tell our target audience what browser and plugins/functionality they are required to have. So you my question is, is mixing JS and HTML alright in that case. Like using onclick attributes.

Read the article
Code to simulate a users actions, such as logging in

- by Gortron

I've recently begun working on a PHP application, replacing another developer. I believed the application was using an API to communicate with a remote service but when I looked through the code I found that it was using a set of functions to actually log in, fill out forms and submit them as a user might do in a browser. My intention is to replace this code, to use the services API instead. I've considered leaving the code as is and not replace it. It makes me wonder though is this a common practice in the software industry? To have a programme simulate a users actions in a browser to perform a set of actions? It feels to me that this is clever but poor programming, Have any other developers seen this?

Read the article
Online Code Editor [closed]

- by Velvet Ghost

The major online IDEs are hosted on the service provider's server. Examples are Kodingen, Cloud9, ShiftEdit. Hence they would be unavailable if the external server was down for some reason, and I prefer to do my computing on my own computer anyway. Does anyone know of an online IDE or editor (preferably just an editor - a simple implementation of the Ace or CodeMirror JS editors) which can be downloaded and run on localhost (on a local LAMP server)? I've found two so far - Eclipse Orion and Wiode, but I don't like either of them very much, and I'm looking for alternatives. Also suitable are browser extensions which run natively on the browser (offline) without going to some external site. An example would be SourceKit for Chrom(e/ium).

Read the article
Pretty URL in ADF Faces of JDeveloper 11.1.2.2

- by Frank Nimphius

Many features planned for Oracle JDeveloper 12c find their way into current releases of Oracle JDeveloper 11g R1 and JDeveloper 11g R2. One example of such a feature is "pretty URL" - or "clean URL" as the Oracle JDeveloper 11g R2 (11.1.2.2) documentation puts it. "A.2.3.24 Clean URLs Historically, ADF Faces has used URL parameters to hold information, such as window IDs and state. However, URL parameters can prevent search engines from recognizing when URLs are actually the same, and therefore interfere with analytics. URL parameters can also interfere with bookmarking. By default, ADF Faces removes URL parameters using the HTML5 History Management API. If that API is unavailable, then session cookies are used.You can also manually configure how URL parameters are removed using the context parameter oracle.adf.view.rich.prettyURL.OPTIONS. Set the parameter to off so that no parameters are removed. Set the parameter to useHistoryApi to only use the HTML5 History Management API. If a browser does not support this API, then no parameters will be removed. Set the parameter to useCookies to use session cookies to remove parameters. If the browser does not support cookies, then no parameters will be removed." See: http://docs.oracle.com/cd/E26098_01/web.1112/e16181/ap_config.htm#ADFUI12856 So basically, what this part in the documentation says is: In JDeveloper 11g R2 (11.1.2.2), Oracle ADF Faces automatically removes its internally used dynamic parameters from the URL You can influence the setting with the prettyURL.OPTIONS context option, which however is not recommended you to do because the default behavior is able to detect if the browser client supports HTML 5 History management or not. In the latter case it the uses a session cookie and if this doesn't work, falls back to the "old" URL parameter adding. The information that is not so explicit and clearly mentioned in the documentation is that this is only for ADF Faces parameters (such as _afrLoop, Adf-Window-Id, etc.), but not the ADF controller token (_adf.ctrl-state)! Removing the ADF controller token is an enhancement request that will be implemented in Oracle JDeveloper 12c

Read the article
Friday Spotlight: Oracle Secure Global Desktop and amitego VISULOX

- by Chris Kawalek

Happy Friday! Our spotlight this week is a screencast about a fantastic solution that takes the security model of Oracle Secure Global Desktop and adds even more features. If you work in environments where you need to have a video record of users' interactions with applications, or need to ensure that two users can remotely work on the same session (a worker entering data in a form from one workstation and a manager typing an authorization code from another, for example), amitego VISULOX can do this and a lot more. It's built on top of Oracle Secure Global Desktop, so you get all of the great features there, plus additional unique security related features provided by VISULOX. Click the thumbnail below to watch the screencast. We'll see you next week! -Chris

Read the article
What does RESTful web applications mean? [closed]

- by John Cooper

Possible Duplicate: What is REST (in simple English) What does RESTful web applications mean? A web service is a function that can be accessed by other programs over the web (Http). To clarify a bit, when you create a website in PHP that outputs HTML its target is the browser and by extension the human being reading the page in the browser. A web service is not targeted at humans but rather at other programs. SOAP and REST are two ways of creating WebServices. Correct me if i am wrong? What are other ways i can create a WebService? What does it mean fully RESTful web Application?

Read the article
Why make the login page to a single page application a separate page?

- by ryanzec

I am wondering why it seems to be popular to have the login page of a SPA be a separate page that is not page of the SPA (as in loaded and send data through ajax requests)? I only thing I can think of is security but I can't think a specific security reason. I mean the only thing that come to mind is that if your login page in part of the SPA, it sends the username/password through ajax which can be seen by such tools like firebug or web inspector however even if you send it as a normal POST request, there are other tools that can easily capture this data (like fiddler, httpscoop, etc...). Is there something I am missing?

Read the article
what do I need to do to get started with a website? [closed]

- by omar

I am a student and I have made websites for some companies before but now I would like to make a generic website for myself but dont know how to get started as I never had to deal with hosting or bandwidth before. I am looking to make a website that will provide users with information about me. In the future I might add things such as ordering or buying products but for now the idea is to provide information only. I was told not to go for any webhoster outside of Canada as I might risk the confidential integrity of my users or myself. I have no idea where to get started or what I need. I now also have to deal with possible security issues or security holes I may leave in my website creation... So my question here is: What is a good and reliable webhosting company that can be trusted to some degree?

Read the article
How can I view localized versions of my site?

- by Max Vernon

We are adding internationalization to our site. We are getting the client's IP address from the headers and looking it up against the IP2location database to get the client's country. Several of our clients reported seeing a blank page over the weekend. We'd like to be able to get screenshots or use a browser from many different countries on an ongoing basis for testing code changes. I need to know what the site looks like when accessed from various countries since there are several elements that vary by country. I've used Tor and Vidalia, along with the Tor customized Firefox browser however it appears the CSS is getting mangled. I have also used http://webpagetest.org to check the site, however the screenshot it gives is too small to be really useful. Is there a site or a service I can use to get screenshots or interact with my website from various countries?

Read the article
Building iPhone Interfaces for Oracle E-Business Suite

- by Shay Shmeltzer

Over on his blog Juan has been showing you how simple it is to develop a rich Web user interface with ADF accessing Oracle E-Business Suite data and even exposing it on an iPad. In this entry I'm starting from his sample application and I'm showing how easy it is to build an interface that will look great on an iPhone (or other mobile devices) using Oracle ADF Mobile Browser. For those of you who are just using ADF and never tried ADF Mobile Browser - you'll find that the development experience is quite familiar and similar to your normal Web application development. In the latest version of JDeveloper (11.1.2.1) which I'm usingin this demo we have a built-in skin that will give your application the native iOS look and feel. In the demo I achieve this by setting the styleclass of a tr:panelHeader component to af_m_toolbar to get this. For more on this styling read the doc. Check out this quick demo:

Read the article
Broken Links in different browsers

- by kdorival

Hi I'm having problems with our website, http://www.accessiblehomehealthcare.com, which is a wordpress 2.7 (version). All of a sudden our RSS links broke on the right side, which has happened before and I fixed it within 5 mins. Now, when I fix it, it doesn't look right in different version of I.E. or Firefox, I have I.E. 8 and Firefox 3.6.15 and it looks good for the most part, but there are a few parts where the links are broken. One browser the links would look ok but go to another page and the links or logos would be broken. Certain parts of the website should be static(identical) to the other pages of the site, but if a link is broken on one page, its perfect on another page. I was wondering was there a secret code for wordpress to keep the sites compatible with all browser versions or is there a bigger issue???? Any help or suggestions will help???

Read the article
Java plugin is not working on some sites

- by Jay

I have icedtea6-plugin installed on my Ubuntu box. The weird thing is, when I am browsing the internet, certain website are able to use the Java and some websites are not. For instance, I am able to log in to my bank at nordea.dk. They use a Java applet to authenticate the user. But when I try to use keepvid.com, it says "Loading Java Applet". And then after a minute or two it says "Error: Please click here to download Java. If you already have Java, please restart your browser and try again." The thing is I've restarted my computer, closed and opened my browser(chromium) and none of it seems to help. Could someone please point me in the right direction to solve this problem? Thanks.

Read the article
Mozilla's Plugin Checker Now Supports Rival Browsers

In an effort to boost security across the Web, Mozilla is extending its service for verifying plugins to competing browsers, although some questions remain.

Read the article
Handling SMS/email convergence: how does a good business app do it?

- by Tim Cooper

I'm writing a school administration software package, but it strikes me that many developers will face this same issue: when communicating with users, should you use email or SMS or both, and should you treat them as fundamentally equivalent channels such that any message can get sent using any media, (with long and short forms of the message template obviously) or should different business functions be specifically tailored to each of the 3? This question got kicked off "StackOverflow" for being overly general, so I'm hoping it's not too general for this site - the answers will no doubt be subjective but "you don't need to write a whole book to answer the question". I'm particularly interested in people who have direct experience of having written comparable business applications. Sub-questions: Do I treat SMS as "moderately secure" and email as less secure? (I'm thinking about booking tokens for parent/teacher nights, permission slips for excursions, absence explanation notes - so high security is not a requirement for us, although medium security is) Is it annoying for users to receive the same message on multiple channels? Should we have a unified framework that reports on delivery or lack thereof of emails and SMS's?

Read the article
Fire WorkflowEvents from AJAX

This article describes a loosely coupled connectivity to fire the Workflow Event Activity from AJAX/JSON driven browser.

Read the article
ORACLE UNIVERSITY

- by mseika

Expert Seminar in Dubai: Oracle Database Security Audit with Pete Finnigan Oracle University's Expert Seminars are delivered by the best Oracle Gurus in the industry from all over the world. These unique and informative seminars are designed to provide you with expert insight in your area of interest. Pete Finnigan is delivering the Expert Seminar ‘Oracle Database Security Audit’ on 16-17 January 2013 in Dubai. You can find more information here. Please note: Your OPN discount is applied to the standard price shown on the website. For assistance with bookings contact Oracle University: eMail: [email protected] Telephone: +971 4 39 09 050

Read the article
WebFX: Running JavaFX as web page

- by Bruno.Borges

This weekend I wanted to learn JavaFX, so I decided to code an idea I had a few years ago when I first saw JavaFX Script. So I started coding a web browser that runs HTML with the awesome, HTML5 supported WebView. But this browser also offers one extra feature: it loads FXML files as if they were HTML. So instead of defining your web page with HTML and running with WebKit, you can define a web page with FXML+CSS+JS and run as a JavaFX application. The project is called WebFX and already has a prototype on GitHub. I also uploaded a video on YouTube demonstrating the idea. What do you think about using JavaFX in the future for web pages, instead of HTML?

Read the article
Opera

The latest and best international Web browser — a Norwegian original

Read the article

< Previous Page | 348 349 350 351 352 353 354 355 356 357 358 359 | Next Page >