Search Results

Search found 62763 results on 2511 pages for 'net security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 37/2511 | < Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >

  • Can HTML injection be a security issue?

    - by tkbx
    I recently came across a website that generates a random adjective, surrounded by a prefix and suffix entered by the user. For example, if the user enters "123" for prefix, and "789" for suffix, it might generate "123Productive789". I've been screwing around with it, and I thought I might try something out: I entered this into the prefix field: <a href="javascript:window.close();">Click</a><hr /> And, sure enough, I was given the link, then an <hr>, then a random adjective. What I'm wondering is, could this be dangerous? There must be many more websites out there that have this issue, are all of them vulnerable to some sort of php injection?

    Read the article

  • Ubuntu's security, Gaming, X server, situation [closed]

    - by ShortCircuit
    Little background story. So when I first heard about the NSA spying on people I wasn't surprised, it also was the reason why I switched to Ubuntu. (Full time) It had it's disadvantages when comparing to Windows and it's AAA games and other stuff. My best friend is somewhat upset about me, using full time Ubuntu, because we play a game named "Dayz (an addon for Arma II)" and WineHQ wasn't of any help. Not to mention that he keeps asking me if WineHQ can run Dayz, but he clearly doesn't understand the situation of WineHQ, that it's free, that you have to be happy with what you got at the moment. (I'm not going to dual boot because, how else is gaming on Ubuntu/Linux going to happen?) But whenever I was in a nasty situation where I could do something so simply on Windows and not/hard on Ubuntu, I always thought "It's almost virus free, It's free, No one is spying on me." My Questions: My English isn't all that good, so could some one simplify/explain what the hell is going on the below standing link? Ubuntu Spyware: What to Do? https://www.gnu.org/philosophy/ubuntu-spyware.html When will gaming on Linux/Ubuntu be a real thing? I've heard that the X server's code is a mess and that Wayland will replace X server. When/will this come reality? (I might have understood this wrong.)

    Read the article

  • Asp.net MVC VirtualPathProvider views parse error

    - by madcapnmckay
    Hi, I am working on a plugin system for Asp.net MVC 2. I have a dll containing controllers and views as embedded resources. I scan the plugin dlls for controller using StructureMap and I then can pull them out and instantiate them when requested. This works fine. I then have a VirtualPathProvider which I adapted from this post public class AssemblyResourceProvider : VirtualPathProvider { protected virtual string WidgetDirectory { get { return "~/bin"; } } private bool IsAppResourcePath(string virtualPath) { var checkPath = VirtualPathUtility.ToAppRelative(virtualPath); return checkPath.StartsWith(WidgetDirectory, StringComparison.InvariantCultureIgnoreCase); } public override bool FileExists(string virtualPath) { return (IsAppResourcePath(virtualPath) || base.FileExists(virtualPath)); } public override VirtualFile GetFile(string virtualPath) { return IsAppResourcePath(virtualPath) ? new AssemblyResourceVirtualFile(virtualPath) : base.GetFile(virtualPath); } public override CacheDependency GetCacheDependency(string virtualPath, IEnumerable virtualPathDependencies, DateTime utcStart) { return IsAppResourcePath(virtualPath) ? null : base.GetCacheDependency(virtualPath, virtualPathDependencies, utcStart); } } internal class AssemblyResourceVirtualFile : VirtualFile { private readonly string path; public AssemblyResourceVirtualFile(string virtualPath) : base(virtualPath) { path = VirtualPathUtility.ToAppRelative(virtualPath); } public override Stream Open() { var parts = path.Split('/'); var resourceName = Path.GetFileName(path); var apath = HttpContext.Current.Server.MapPath(Path.GetDirectoryName(path)); var assembly = Assembly.LoadFile(apath); return assembly != null ? assembly.GetManifestResourceStream(assembly.GetManifestResourceNames().SingleOrDefault(s => string.Compare(s, resourceName, true) == 0)) : null; } } The VPP seems to be working fine also. The view is found and is pulled out into a stream. I then receive a parse error Could not load type 'System.Web.Mvc.ViewUserControl<dynamic>'. which I can't find mentioned in any previous example of pluggable views. Why would my view not compile at this stage? Thanks for any help, Ian EDIT: Getting closer to an answer but not quite clear why things aren't compiling. Based on the comments I checked the versions and everything is in V2, I believe dynamic was brought in at V2 so this is fine. I don't even have V3 installed so it can't be that. I have however got the view to render, if I remove the <dynamic> altogether. So a VPP works but only if the view is not strongly typed or dynamic This makes sense for the strongly typed scenario as the type is in the dynamically loaded dll so the viewengine will not be aware of it, even though the dll is in the bin. Is there a way to load types at app start? Considering having a go with MEF instead of my bespoke Structuremap solution. What do you think?

    Read the article

  • How can I provide an ASP.NET Forms Authentication UX while using Active Directory Role and Authentic

    - by Nate Bross
    Is it possible to use this Role Provider AspNetWindowsTokenRoleProvider with ASP.NET FORMS Authentication (via this MembershipProvider System.Web.Security.ActiveDirectoryMembershipProvider)? It seems to only work with <authentication mode="Windows">, is it possible to use it with FORMS? background -- The objective here is to provide an ASP.NET Forms UX while using Active Directory as the back-end authentication system. If there is another, easy way to do this using built-in technologies, that's great and I'd like to hear about that as well.

    Read the article

  • SSL authentication error: RemoteCertificateChainErrors on ASP.NET on Ubuntu

    - by Frank Krueger
    I am trying to access Gmail's SMTP service from an ASP.NET MVC site running under Mono 2.4.2.3. But I keep getting this error: System.InvalidOperationException: SSL authentication error: RemoteCertificateChainErrors at System.Net.Mail.SmtpClient.m__3 (System.Object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, SslPolicyErrors sslPolicyErrors) [0x00000] at System.Net.Security.SslStream+c__AnonStorey9.m__9 (System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Int32[] certErrors) [0x00000] at Mono.Security.Protocol.Tls.SslClientStream.OnRemoteCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] errors) [0x00000] at Mono.Security.Protocol.Tls.SslStreamBase.RaiseRemoteCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] errors) [0x00000] at Mono.Security.Protocol.Tls.SslClientStream.RaiseServerCertificateValidation (System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Int32[] certificateErrors) [0x00000] at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process () at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] I have installed certificates using: certmgr -ssl -m smtps://smtp.gmail.com:465 with this output: Mono Certificate Manager - version 2.4.2.3 Manage X.509 certificates and CRL from stores. Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed. X.509 Certificate v3 Issued from: C=US, O=Equifax, OU=Equifax Secure Certificate Authority Issued to: C=US, O=Google Inc, CN=Google Internet Authority Valid from: 06/08/2009 20:43:27 Valid until: 06/07/2013 19:43:27 *** WARNING: Certificate signature is INVALID *** Import this certificate into the CA store ?yes X.509 Certificate v3 Issued from: C=US, O=Google Inc, CN=Google Internet Authority Issued to: C=US, S=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com Valid from: 04/22/2010 20:02:45 Valid until: 04/22/2011 20:12:45 Import this certificate into the AddressBook store ?yes 2 certificates added to the stores. In fact, this worked for a month but mysteriously stopped working on May 5. I installed these new certs today, but I am still getting these errors.

    Read the article

  • ASP.NET MVC 2 "value" in IsValid override in DataAnnotation attribute passed is null, when incorrect

    - by goldenelf2
    Hello to all! This is my first question here on stack overflow. i need help on a problem i encountered during an ASP.NET MVC2 project i am currently working on. I should note that I'm relatively new to MVC design, so pls bear my ignorance. Here goes : I have a regular form on which various details about a person are shown. One of them is "Date of Birth". My view is like this <div class="form-items"> <%: Html.Label("DateOfBirth", "Date of Birth:") %> <%: Html.EditorFor(m => m.DateOfBirth) %> <%: Html.ValidationMessageFor(m => m.DateOfBirth) %> </div> I'm using an editor template i found, to show only the date correctly : <%@ Control Language="C#" Inherits="System.Web.Mvc.ViewUserControl<System.DateTime?>"%> <%= Html.TextBox("", (Model.HasValue ? Model.Value.ToShortDateString() : string.Empty))%> I used LinqToSql designer to create my model from an sql database. In order to do some validation i made a partial class Person to extend the one created by the designer (under the same namespace) : [MetadataType(typeof(IPerson))] public partial class Person : IPerson { //To create buddy class } public interface IPerson { [Required(ErrorMessage="Please enter a name")] string Name { get; set; } [Required(ErrorMessage="Please enter a surname")] string Surname { get; set; } [Birthday] DateTime? DateOfBirth { get; set; } [Email(ErrorMessage="Please enter a valid email")] string Email { get; set; } } I want to make sure that a correct date is entered. So i created a custom DataAnnotation attribute in order to validate the date : public class BirthdayAttribute : ValidationAttribute { private const string _errorMessage = "Please enter a valid date"; public BirthdayAttribute() : base(_errorMessage) { } public override bool IsValid(object value) { if (value == null) { return true; } DateTime temp; bool result = DateTime.TryParse(value.ToString(), out temp); return result; } } Well, my problem is this. Once i enter an incorrect date in the DateOfBirth field then no custom message is displayed even if use the attribute like [Birthday(ErrorMessage=".....")]. The message displayed is the one returned from the db ie "The value '32/4/1967' is not valid for DateOfBirth.". I tried to enter some break points around the code, and found out that the "value" in attribute is always null when the date is incorrect, but always gets a value if the date is in correct format. The same ( value == null) is passed also in the code generated by the designer. This thing is driving me nuts. Please can anyone help me deal with this? Also if someone can tell me where exactly is the point of entry from the view to the database. Is it related to the model binder? because i wanted to check exactly what value is passed once i press the "submit" button. Thank you.

    Read the article

  • Cannot create instance of abstract class

    - by SmartestVEGA
    I am trying to compile the following code and i am getting the error: Cannot create instance of abstract class . Please help m_objExcel = new Excel.Application(); m_objBooks = (Excel.Workbooks)m_objExcel.Workbooks; m_objBook = (Excel._Workbook)(m_objBooks.Add(m_objOpt)); m_objSheets = (Excel.Sheets)m_objBook.Worksheets; m_objSheet = (Excel._Worksheet)(m_objSheets.get_Item(1)); // Create an array for the headers and add it to cells A1:C1. object[] objHeaders = {"Order ID", "Amount", "Tax"}; m_objRange = m_objSheet.get_Range("A1", "C1"); m_objRange.Value = objHeaders; m_objFont = m_objRange.Font; m_objFont.Bold=true; // Create an array with 3 columns and 100 rows and add it to // the worksheet starting at cell A2. object[,] objData = new Object[100,3]; Random rdm = new Random((int)DateTime.Now.Ticks); double nOrderAmt, nTax; for(int r=0;r<100;r++) { objData[r,0] = "ORD" + r.ToString("0000"); nOrderAmt = rdm.Next(1000); objData[r,1] = nOrderAmt.ToString("c"); nTax = nOrderAmt*0.07; objData[r,2] = nTax.ToString("c"); } m_objRange = m_objSheet.get_Range("A2", m_objOpt); m_objRange = m_objRange.get_Resize(100,3); m_objRange.Value = objData; // Save the Workbook and quit Excel. m_objBook.SaveAs(m_strSampleFolder + "Book2.xls", m_objOpt, m_objOpt, m_objOpt, m_objOpt, m_objOpt, Excel.XlSaveAsAccessMode.xlNoChange, m_objOpt, m_objOpt, m_objOpt, m_objOpt); m_objBook.Close(false, m_objOpt, m_objOpt); m_objExcel.Quit();

    Read the article

  • How do I change the logged in user to another?

    - by TruMan1
    I would like to change the logged in user to another user temporarily to do some process. For example, say I am logged in as "Joe". In my method, I want to make the logged in user from "Joe" to "SuperUser", do some process, then change the logged in user back to "Joe". Can someone help with this?

    Read the article

  • When the property get and set method has been called?

    - by SmartestVEGA
    i have the following property declaration Public Property IsAreaSelected() As Integer Get Return If(ViewState("IsAreaSelected") Is Nothing, 0, Cint(ViewState("IsAreaSelected"))) End Get Set(ByVal value As Integer) ViewState("IsAreaSelected") = value End Set End Property i want to know when this set and get method will be called ? will it be called when i execute IsAreaSelected() =0 or is there anything like IsAreaSelected().get() or IsAreaSelected().set() ??

    Read the article

  • showing errors from actions in table-based views

    - by enashnash
    I have a view where I want to perform different actions on the items in each row in a table, similar to this (in, say, ~/Views/Thing/Manage.aspx): <table> <% foreach (thing in Model) { %> <tr> <td><%: thing.x %></td> <td> <% using (Html.BeginForm("SetEnabled", "Thing")) { %> <%: Html.Hidden("x", thing.x) %> <%: Html.Hidden("enable", !thing.Enabled) %> <input type="submit" value="<%: thing.Enabled ? "Disable" : "Enable" %>" /> <% } %> </td> <!-- more tds with similar action forms here, a few per table row --> </tr> <% } %> In my ThingController, I have functions similar to the following: public ActionResult Manage() { return View(ThingService.GetThings()); } [HttpPost] public ActionResult SetEnabled(string x, bool enable) { try { ThingService.SetEnabled(x, enable); } catch (Exception ex) { ModelState.AddModelError("", ex.Message); // I know this is wrong... } return RedirectToAction("Manage"); } In the most part, this is working fine. The problem is that if ThingService.SetEnabled throws an error, I want to be able to display the error at the top of the table. I've tried a few things with Html.ValidationSummary() in the page but I can't get it to work. Note that I don't want to send the user to a separate page to do this, and I'm trying to do it without using any javascript. Am I going about displaying my table in the best way? How do I get the errors displayed in the way I want them to? I will end up with perhaps 40 small forms on the page. This approach comes largely from this article, but it doesn't handle the errors in the way I need to. Any takers?

    Read the article

  • Question about migrating from ASP .NET User Controls to .NET 3.5 Master Page technology

    - by Jim McFetridge
    When migrating from an ASP .NET user control -based page with a header, footer, and menu to a Master Page using the same HTML mark-up, is it normal for CSS or javascript behaviors to change slightly? In particular, the submenu bar text now appears run together (which looks like a CSS symptom) and the graphics on the line above it appear to have an incorrect z-order. (The menu operation is javascript-based.) (I tried to paste images here but couldn't.) Also, the site is very large and we've not been given permission to redo the menu for the entire site. This is a forward-only migration. (Because I know that someone will ask.) Assuming that there are no changes in scope, what are the things that I should check? Thanks! Jim

    Read the article

  • CruiseControl .Net Plugin Vb.net Error

    - by Brian
    I am trying to make my own Labeller plugin for Cruise Control .Net 1.4.3. I have made a class based on another plug in example but I keep getting an error Class 'AssemblyVersionLabeller' must implement 'Function Generate(integrationResult As IIntegrationResult) As String' for interface 'ThoughtWorks.CruiseControl.Core.ILabeller' Here is my code : Imports Exortech.NetReflector Imports ThoughtWorks.CruiseControl.Core Imports ThoughtWorks.CruiseControl.Core.Util Namespace NetAssembly.CCNet.Label _ Public Class AssemblyVersionLabeller Implements ILabeller Public Sub Run(ByVal result As IIntegrationResult) result.Label = Generate(result) End Sub Public Function Generate(ByVal integrationResult As IIntegrationResult) As String Dim label As String = integrationResult.LastIntegration.Label Return label End Function <ReflectorProperty("prefix", Required:=False)> _ Public Prefix As String = String.Empty End Class End Namespace What am I doing wrong? What have I missed? Background Info: I am using VS2005. I cant use CrusieControl 1.4.4 RC2 (which has an Assembly Labeller) because my source control's plugin (SCM Anywhere) doesnt work with it.

    Read the article

  • Testing ASP.NET security in Firefox

    - by blahblah
    I'm not sure whether this question belongs on StackOverflow or SuperUser, but here goes nothing... I'm trying to test out some basic security problems on my personal ASP.NET website to see exactly how the custom validators, etc. work when tampering with the data. I've been looking at the Firefox extension TamperData which seems to do the trick, but it doesn't feel very professional at all. The issues I'm having with TamperData is that the textbox for the POST data is way too small to hold the ASP.NET view-state, so I have to copy that data into Emacs and then back again to be productive at all. I also don't like that there doesn't seem to be an option to only tamper with data which is from/to localhost. Any ideas on better extensions for the task or better methods to test it?

    Read the article

  • VB.NET ASP.NET Web Application woes (VS 2008)

    - by typoknig
    Hi all, I am making my first web application with ASP.NET and I am having a rough time. I have previously created the application I am working on as a Windows Form application and it works great, but I am having problems with the HTML side of things in the web application. My issues are pretty minor, but very annoying. I have worked with websites before and CSS, but as far as I can tell I do not have direct access to a CSS when creating a web application in VS 2008. My biggest issue is the positioning of components that I have dragged onto the "Default.aspx" form. For instance, how am I supposed to float a panel next to another one if I don't have a CSS, or how am I to correctly position a label?

    Read the article

  • .NET TDD with a Database and ADO.NET Entity Framework - Integration Tests

    - by Brian
    Hello, I'm using ADO.NET entity framework, and am using an AdventureWorks database attached to my local database server. For unit testing, what approaches have people taken to work with a database? Obviously, the database has to be in a pre-defined state of change so that the tests can have some isolation from each other... so I need to be able to run through the inserts and updates, then rollback either between tests or after the batch of tests are done. Any advice? Thanks.

    Read the article

  • executing pages built in 1.1 and 2.0 framework in same website

    - by Technovault
    I am having an application which is built in 1.1 framework.This application is now rebuilt in 2.0 framework but due to some reason we have to use some of the pages of 1.1 framework. So for this we are executing both the applications simultaneously and n carrying out the work using querystrings. So my question can we include pages made in 1.1 and 2.0 framework in one website , if not then please suggest me any other alternative because me method is not that secure... waiting for response ....

    Read the article

  • Security Suggestions

    - by Kumar
    I am currently working on an ASP.NET 3.5 and C# web application which deals with users secure information like credit card numbers. What are some of the security measures which I need to take from an application development stand point so that I can sleep peacefully at night :)

    Read the article

  • MVC4 link automatically redirected to default INDEX page/action even if defined action name with controller

    - by Raj Tamakuwala
    i am creating web mobile application in mvc4. My problem is when I click on particular link in my application,it works well, but sometimes it automatically redirected to INDEX page that is set as default page in global.asax as routes.MapRoute( "Default", // Route name "{controller}/{action}/{id}", // URL with parameters new { controller = "Home", action = "Index", id = UrlParameter.Optional } // Parameter defaults ); Now I don't know why its automatically redirected to INDEX page,even if I have already defined controller and action name where it show redirected as, <a href='@(Url.Action( "ActivityWall", "Home"))' > </a> logically it should redirect to "ActivityWall" page,which it does.but sometime only it goes to INDEX page.then when I clear my cookie problem will again solved but after some time it again start redirecting to INDEX page. I also posted question related to cookies issue yesterday,but I think that is nit main issue. can someone help please ?

    Read the article

  • Using web.config directory security and extensionless urls

    - by Matt Brailsford
    Hi Guys, I'd like to use the built in directory security features built into the web.config to restrict access to child pages of a parent page. My structure is as follows: Members Members/News Members/Press Members/Movies Users should be able to have access to the members parent page, but not child pages. My problem is, because I am using extensionless URLs, the web.config thinks this is a directory and so access is blocked. Is there a way to say only restrict access for sub pages?

    Read the article

  • Monitoring .NET ASP.NET Applications

    - by James Hollingworth
    I have a number of applications running on top of ASP.NET I want to monitor. The main things I care about are: Exceptions: We currently some custom code which will email us when an exception occurs. If the application is failing hard it will crash our outlook... I know (and use) elmah which partly solves the problem however it is still just a big table of exceptions with a pretty(ish) UI. I want something that makes sense of all of these exceptions (e.g. groups exceptions, alerts when new ones occur, tells me what the common ones are that I should fix, etc) Logging: We currently log to files which are then accessible via a shared folder which dev's grep & tail. Does anyone know of better ways of presenting this information. In an ideal world I want to associate it with exceptions. Performance: Request times, memory usage, cpu, etc. whatever stats I can get I'm guessing this is probably going to be solved by a number of tools, has anyone got any suggestions?

    Read the article

  • Where to Perform Authentication in REST API Server?

    - by David V
    I am working on a set of REST APIs that needs to be secured so that only authenticated calls will be performed. There will be multiple web apps to service these APIs. Is there a best-practice approach as to where the authentication should occur? I have thought of two possible places. Have each web app perform the authentication by using a shared authentication service. This seems to be in line with tools like Spring Security, which is configured at the web app level. Protect each web app with a "gateway" for security. In this approach, the web app never receives unauthenticated calls. This seems to be the approach of Apache HTTP Server Authentication. With this approach, would you use Apache or nginx to protect it, or something else in between Apache/nginx and your web app? For additional reference, the authentication is similar to services like AWS that have a non-secret identifier combined with a shared secret key. I am also considering using HMAC. Also, we are writing the web services in Java using Spring. Update: To clarify, each request needs to be authenticated with the identifier and secret key. This is similar to how AWS REST requests work.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >