Search Results

Search found 12426 results on 498 pages for 'selectors api'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 385/498 | < Previous Page | 381 382 383 384 385 386 387 388 389 390 391 392  | Next Page >

  • Is Rails default CSRF protection insecure

    - by schickb
    By default the form post CSRF protection in Rails creates an authenticity token for a user that only changes when the user's session changes. One of our customers did a security audit of our site and flagged that as an issue. The auditor's statement was that if we also had a XSS vulnerability that an attacker could grab another user's authenticity token and make use of it for CSRF attacks until the user's session expired. But is seems to me that if we had an XSS vulnerability like that an attacker could just as easily grab another user's session cookie and login as that user directly. Or even just make call to our REST Api as the user being attacked. No secondary CSRF attack needed. Have I missed something? Is there a real problem with the default CSRF protection in Rails?

    Read the article

  • Why I add the CGPoint in the NSMultable Array?

    - by Tattat
    I want to store my CGPoint to the NSMultable Array, so , I have method like this: [self.points addObject:CGPointMake(x, y)]; But I got the error, it said that : Incompatible type for argument 1 of "addObject". So, I check out the API, (void)addObject:(id)anObject anObject The object to add to the end of the receiver's content. This value must not be nil. So, I think the "CGPointMake" can make a Object, but it can't be assigned. What happens?

    Read the article

  • JD Edwards... call C#?

    - by rbobby
    Hey all, I know very little about JD Edwards. I have a client asking how to call an API we supply (as COM, C#, REST) from JD Edwards. I'm not getting much in terms of high quality answers from their tech guy... so I thought I'd ask here. Can JD Edwards call C#? Can JD Edwards call Java? Can JD Edwards call a Unix scipt? Can anyone point me towards anything useful in terms of developer/customization documentation? Thanks!

    Read the article

  • How can I best geocode a table of addresses in SQL Server?

    - by ess
    I've got a SQL Server 2008 table with addresses. I've got some C# code that can individually geocode the addresses. I've got a Google Maps API for geocoding. Now I'm trying to figure out the most efficient way to use these resources. I could write a console app that manually updates the tables using my C# library, but the data I have is updated periodically. I will be performing an import routine of some sort and I'm thinking it would be 'simplest' to perform the geocoding as the import occurs. I'm not so strong on SQL Server capabilities, so I'm looking for advice. I've considered letting the import call an assembly I create that would be referenced in SQL Server, but read that Sql Server 2008 has made it virtually impossible to reference your own DLL. So my next guess is having the import call a web service to pass in the address and update the table with the results, but I've not had much luck in finding info on this method. Any advice?

    Read the article

  • How does jQuery stores data with .data()?

    - by TK
    I am a little confused how jQuery stores data with .data() functions. Is this something called expando? Or is this using HTML5 Web Storage although I think this is very unlikely? The documentation says: The .data() method allows us to attach data of any type to DOM elements in a way that is safe from circular references and therefore from memory leaks. As I read about expando, it seems to have a rick of memory leak. Unfortunately my skills are not enough to read and understand jQuery code itself, but I want to know how jQuery stores such data by using data(). http://api.jquery.com/data/

    Read the article

  • How to finish a broken data upload to the production Google App Engine server?

    - by WooYek
    I was uploading the data to App Engine (not dev server) through loader class and remote api, and I hit the quota in the middle of a CSV file. Based on logs and progress sqllite db, how can I select remaining portion of data to be uploaded? Going through tens of records to determine which was and which was not transfered, is not appealing task, so I look for some way to limit the number of record I need to check. Here's relevant (IMO) log portion, how to interpret work item numbers? [DEBUG 2010-03-30 03:22:51,757 bulkloader.py] [Thread-2] [1041-1050] Transferred 10 entities in 3.9 seconds [DEBUG 2010-03-30 03:22:51,757 adaptive_thread_pool.py] [Thread-2] Got work item [1071-1080] <cut> [DEBUG 2010-03-30 03:23:09,194 bulkloader.py] [Thread-1] [1141-1150] Transferred 10 entities in 4.6 seconds [DEBUG 2010-03-30 03:23:09,194 adaptive_thread_pool.py] [Thread-1] Got work item [1161-1170] <cut> [DEBUG 2010-03-30 03:23:09,226 bulkloader.py] [Thread-3] [1151-1160] Transferred 10 entities in 4.2 seconds [DEBUG 2010-03-30 03:23:09,226 adaptive_thread_pool.py] [Thread-3] Got work item [1171-1180] [ERROR 2010-03-30 03:23:10,174 bulkloader.py] Retrying on non-fatal HTTP error: 503 Service Unavailable

    Read the article

  • Rails - how can I query the db w/o touching the sessions table

    - by sa125
    Hi - I'm trying to provide a HTTP api to my app that queries a db that's read-only (for replication purposes). I find that my app crashes repeatedly when making a request b/c the call is trying to update the sessions table whenever I query the db. This doesn't happen when I return some text without hitting the database for info. class APIController < AplicationController def view data = Product.find(params[:id]).to_json # will fail data = { :one => 1, :two => 2 }.to_json # will succeed respond_to do |format| format.html { render :json => data } end end end How do I restrict it from touching the sessions table on this request (it's currently issuing an UPDATE on the updated_at field for that session). thanks.

    Read the article

  • Upload/Download images to FTP without bothering the user

    - by Dan B
    Hi, I know a lot of posts have been made in regards to FTP, but none have led me to what I need. I'm trying to upload a picture to a server (currently attempting FTP) but do it without notifying requiring the user to be involved. I want to be able to seamlessly upload/download the image when a certain user action occurs, but I don't want to use a third-party app like AndFTP. The idea is that a user will upload a picture, and then another user will be able to grab that picture based on which user put it up. No user will know where it's going or where it came from, nor will they navigate the FTP. Alternatively, does anyone have thoughts on a better way to do that? I thought of using the imgur api, but it can't be used commercially. It would, however, be perfect for my purposes. Is there a similar open-source alternative? Any help is greatly appreciated. Dan

    Read the article

  • how to mouse click on an image on a running IE instance programmatically from windows form app

    - by mike_jik
    I want to create a windows app that does the following. When a button is clicked, Find a running instance of IE (which I was able to get a handle using FindWindow api (user32.dll)) Send message to windows OS to mouse click on the image in IE. I already know that there is an image on the page. -- this is where I need help!! thanks. How do I get a image object in html from windows app when I have a handle? I've tried user32.dll (mouse_event(long dwFlags, long dx, long dy, long cButtons, long dwExtraInfo)) but I can't find correct x and y for the image in the page.

    Read the article

  • Retrieving JSON from a web URL

    - by npeterson
    This may be a terribly uninformed question, brace yourself. A company I'm working with has given an 'API' that I can use to access orders, however, there are only two real commands, getorders and getorderdetails. These commands are put in the format of http://www.server.com/path/to/the/orderapi/getorders/UniqueKey/ If I go to that web address, I'm prompted for a username and password, and once authenticating, get presented with a page of JSON formatted order details, contained in the body of the html page. I would like a service to check this information and create orders in our crm based on it, is there an obvious way to access it without the browser/client interaction?

    Read the article

  • How to validate HTTP request headers before receiving request body using WCF

    - by anelson
    I'm implementing a REST service using WCF which will be used to upload very large files. The HTTP headers in this request will communicate information which will be validated prior to allowing the upload to proceed (things like permissions, available disk space, etc). It's possible this validation will fail resulting in an error response. I'd like to do this validation prior to the client sending the body of the request, so it has a chance to detect failure before uploading potentially gigabytes of data. RESTful web services use the HTTP 1.1 Expect: 100-continue in the request to implement this. For example Amazon S3's REST API can validate your key and ACLs in response to an object PUT operation, returning 100 Continue if all is well, indicating you may proceed to send your data. I've rummaged around the WCF documentation and I just can't see a way to accomplish this without doing some pretty low-level hooking into the HTTP request processing pipeline. How would you suggest I solve this problem?

    Read the article

  • HTTP Digest Authentication Fails With URL Parameters (CakePHP)

    - by NathanGaskin
    I have a RESTful API set up and working with CakePHP using mapResources() and parseExtensions(). Authentication is handled by CakePHP's security component using HTTP Digest Authentication. Everything works fine, unless I add parameters to the url, in the form: http://example.com/locations.xml?distance=4 Which causes the authentication to always fail. Any ideas? Edit: This seems to be an issue with the regex in parseDigestAuthData(). There's a semi-fix here: http://old.nabble.com/paginator-conflicts-with-Security-%3ErequireLogin---td16301573.html which now allows me to use the format: http://example.com/locations/index/distance:4/.xml But that's not RESTful and doesn't look all that pretty. Still, getting closer!

    Read the article

  • Game Programming - GUIs

    - by Spencer
    I've been coding for a while now and would like to start looking into programming games. I know the industry's standard language is C++, for 3D graphics the main choice is between Direct 3D and OpenGL, but what is the most widely used GUI framework? I'm currently on a Mac so if native Windows API is the answer, then what is the cross platform choice? To be clear, I'm not looking for people's favourites but simply what the common or standard game industry's choice is so that I can learn and familiarize myself with it. Thanks, Spencer

    Read the article

  • "Microsoft DNS Client" vs. getaddrinfo?

    - by Josh K
    Right now, my application is using the c-ares asynchronous DNS resolver library on Windows below cURL, and I have users complaining that it behaves differently from other windows apps. One particular user said that "other applications are using the Microsoft DNS client" and experiences no problems. cURL itself has an asynchronous DNS implementation that uses getaddrinfo() in a thread. My guess is that would be equivalent behavior to using the "DNS Client" and its host of functions (e.g. DnsQuery?) So, dear Lazyweb, I ask if there is a tangible difference between the behavior of getaddrinfo() vs. using the actual Dns* APIs from the Win32 API.

    Read the article

  • NHibernate Criteria - How to filter on combination of properties

    - by DavGarcia
    I needed to filter a list of results using the combination of two properties. A plain SQL statement would look like this: SELECT TOP 10 * FROM Person WHERE FirstName + ' ' + LastName LIKE '%' + @Term + '%' The ICriteria in NHibernate that I ended up using was: ICriteria criteria = Session.CreateCriteria(typeof(Person)); criteria.Add(Expression.Sql( "FirstName + ' ' + LastName LIKE ?", "%" + term + "%", NHibernateUtil.String)); criteria.SetMaxResults(10); It works perfectly, but I'm not sure if it is the ideal solution since I'm still learning about NHibernate's Criteria API. What are the recommended alternatives? Is there something besides Expression.Sql that would perform the same operation? I tried Expression.Like but couldn't figure out how to combine the first and last names. Should I map a FullName property to the formula "FirstName + ' ' + LastName" in the mapping class? Should I create a read only FullName property on the domain object then map it to a column?

    Read the article

  • Verbose Listing of All Application Layers/Tiers?

    - by leeand00
    I've looked at a few sites now, and I'm still struggling to find a complete listing of all the possible layers/tiers you can have in an application. From back in college (1999) I remember the following: Presentation Layer (Views) Application Layer (Controllers) Business Logic Layer (API/Rules) Persistence Layer (Database/Object Persistence/Model) I'm not advocating that they all be used...especially when you consider that too many layers/tiers could lead to an increase in complexity...I just wondered what the complete list might look like... Based on a couple of blogs I've found several different answers...and Javascript and client side technologies seem to have leaked in adding more client-side layers according to one blog the client side tier might even consist of Behavior Layer (Javascript, Flash) Presentation Layer (CSS/Images) Note: I though the entire client side layer was the presentation layer Structure Layer (XHTML, HTML) I'm just trying to get an abstract idea of what all the possible layers might be, (even though some people call them different things)

    Read the article

  • How to use unicode inside an xpath string? (UnicodeEncodeError)

    - by Gj
    I'm using xpath in Selenium RC via the Python api. I need to click an a element who's text is "Submit »" Here's the error that I'm getting: In [18]: sel.click(u"xpath=//a[text()='Submit \xbb')]") ERROR: An unexpected error occurred while tokenizing input The following traceback may be corrupted or invalid The error message is: ('EOF in multi-line statement', (1121, 0)) --------------------------------------------------------------------------- Exception Traceback (most recent call last) /Users/me/<ipython console> in <module>() /Users/me/selenium.pyc in click(self, locator) 282 'locator' is an element locator 283 """ --> 284 self.do_command("click", [locator,]) 285 286 /Users/me/selenium.pyc in do_command(self, verb, args) 213 #print "Selenium Result: " + repr(data) + "\n\n" 214 if (not data.startswith('OK')): --> 215 raise Exception, data 216 return data 217 <type 'str'>: (<type 'exceptions.UnicodeEncodeError'>, UnicodeEncodeError('ascii', u"ERROR: Invalid xpath [2]: //a[text()='Submit \xbb')]", 45, 46, 'ordinal not in range(128)'))

    Read the article

  • Windows 7 interfering with smart cards

    - by Dennis
    I have an application that uses the PC/SC API to communicate with smart cards. On Windows 7, I get strange results: the data returned from the cards is inconsistent and invalid with certain commands. If I disable the Smart Card Plug and Play service in group policy then everything works fine. Has anyone experienced anything similar? Is there any way to get the smart card plug and play service to play nice? It would be nice to not have to disable it...

    Read the article

  • Access Adobe InDesign files

    - by PeterMmm
    I need some directions for the following problem: I have a lot of InDesign files and i have to setup a process that will track if a certain paragraph or text block has changed between diferent versions of the file. If the text block has changed i want to extract that text block in a "portable" format (html, pdf, txt). Is there an Adobe product that would do that ? Is there any public API to access an InDesign file ? Is there the posibility to export InDesign to, say, html ?

    Read the article

  • Get user-inputed file name from JFileChooser Save dialog box

    - by Anya
    This answer to this question may seem obvious, but I'm actually struggling with it quite a bit. I've searched through JFileChooser methods in the API, and I've looked at some of the questions already asked and answered here on stackoverflow. My question is this. In my program, I am to allow the user to type in a file name which I will then use to create a brand new file that I will write on. How do you get the text the user has entered in the textfield next to the label "Save As:" on the Save dialog box provided by JFileChooser? Is there a JFileChooser method that would allow me to get that user-inputed text? Or would I have to go through another class, or do something else to get that text? Thank you so much, to anyone who answers. It's very late for me now, and this program is due in a few hours (meaning I'll be having another sleepless night). Desperate may be too strong a word, but I'm something close enough.

    Read the article

  • Setting a cell's format using Excel 2007 Interop and C#

    - by CVertex
    I'm using the office 2007 interop assemblies to create some excel spreadsheets. There are plenty of questions on here about getting started and MSDN contains heaps of articles, like this one. The API is funky, and sometimes a bit confusing. When I set a value of a cell, is there a way to set it's format? I'd like to mark particular fields as Date's so my customer can run excel macros on them. Also, numbers would be useful. Thanks!

    Read the article

  • How to tell if a user is a fan of the fan page

    - by Dominic Godin
    Hi, I'm working on a FBML fan page for a client. I need to perform a check to see if the current user is a fan of the page. I tried using the JavaScript API but I've found this is not compatible with FBML. I have looked through the FBML page on the developer wiki and found checks for practically everything else but no is user fan check. Any pointers in the right direction would be most appreciated. Thanks in advance.

    Read the article

  • unable to add objects to saved collection in GAE using JDO

    - by Jeffrey Chee
    I have a ClassA containing an ArrayList of another ClassB I can save a new instance of ClassA with ClassB instances also saved using JDO. However, When I retrieve the instance of Class A, I try to do like the below: ClassA instance = PMF.get().getPersistenceManager().GetObjectByID( someid ); instance.GetClassBArrayList().add( new ClassB(...) ); I get an Exception like the below: Uncaught exception from servlet com.google.appengine.api.datastore.DatastoreNeedIndexException: no matching index found.. So I was wondering, Is it possible to add a new item to the previously saved collection? Or was it something I missed out. Best Regards

    Read the article

  • Piping SoX in Python - subprocess alternative?

    - by Cochise Ruhulessin
    I use SoX in an application. The application uses it to apply various operations on audiofiles, such as trimming. This works fine: from subprocess import Popen, PIPE kwargs = {'stdin': PIPE, 'stdout': PIPE, 'stderr': PIPE} pipe = Popen(['sox','-t','mp3','-', 'test.mp3','trim','0','15'], **kwargs) output, errors = pipe.communicate(input=open('test.mp3','rb').read()) if errors: raise RuntimeError(errors) This will cause problems on large files hower, since read() loads the complete file to memory; which is slow and may cause the pipes' buffer to overflow. A workaround exists: from subprocess import Popen, PIPE import tempfile import uuid import shutil import os kwargs = {'stdin': PIPE, 'stdout': PIPE, 'stderr': PIPE} tmp = os.path.join(tempfile.gettempdir(), uuid.uuid1().hex + '.mp3') pipe = Popen(['sox','test.mp3', tmp,'trim','0','15'], **kwargs) output, errors = pipe.communicate() if errors: raise RuntimeError(errors) shutil.copy2(tmp, 'test.mp3') os.remove(tmp) So the question stands as follows: Are there any alternatives to this approach, aside from writing a Python extension to the Sox C API?

    Read the article

  • server side Adobe AIR apps

    - by Robbie
    This might sound like a really stupid question, but is there anyway to run an Adobe AIR application in a headless server side mode on a non-UI server (i.e. Linux)? I'm trying to build server side bots to interact with an API (grapevinetalk.com) and I want to use existing code to do that without having to re-write all the data munging etc for a new application. The application I'm trying to port is essentially a jQuery based AIR desktop app that I want to reuse for server side interactions. I've tried Rhino with envjs.com, but am having some issues so am looking at alternatives. Thanks Robbie

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 381 382 383 384 385 386 387 388 389 390 391 392  | Next Page >