Search Results

Search found 13222 results on 529 pages for 'security gate'.

Page 411/529 | < Previous Page | 407 408 409 410 411 412 413 414 415 416 417 418  | Next Page >

• Rails3 and safe nl2br !

  - by arkannia

  Hi, I have a system for the users to be able to post comments. The comments are grasped into a textarea. My problem is to format the comments with br tag to replace \n In fact, i could do something like that s.gsub(/\n/, '<br />') But the xss protection including in rails escapes br tags. So i could do this s.gsub(/\n/, '<br />').html_safe But then, all the tags are accepted even script.... causing a big security problem So my question is : how to format text with br safely ? Thanks EDIT: For now, i have add this def sanitaze self.gsub(/(<.*?>)/, '') end def nl2br self.sanitaze.gsub(/\n/, '<br />').html_safe end

  Read the article

• a direct, simple api to run as system?

  - by fejesjoco

  Suppose a program is running with elevated privileges already, and it needs to see the contents of the System Volume Information folder, and by default, only NT Authority\System can do that. A workaround would be to change ACL's on the folder, but I don't want to mess with that. I already found two ways to do it: the task scheduler and psexec. They are too indirect, I don't even need to describe the first one, and the second one works by installing a windows service, running it, telling it to run whatever I wanted to run, then uninstalling the service. Now the question is: is there a direct, simple WinAPI function to run something as system? I don't think that such an API would circumvent the security restrictions, as an administrator I have the right to schedule a task or install a service, so there must be a shortcut.

  Read the article

• Windows Platform Installer fails during Orchard Installation

  - by nullnvoid

  I'm attempting to install Orchard 1.0 on a Windows 7 box. It has only just been released. I downloaded and installed the Windows Platform Installer and attempted to install Orchard. The error message is just that the application has stopped working and asks if I want to debug or close the application. The event log contains a single error: "The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing." I tried installing MVC3 and it worked without issue. Has anyone experienced a similar problem?

  Read the article

• How to run an .exe application in another computer?

  - by ADAM

  I am working on a C# application in Visual Studio 2013. When I run the .exe file from my computer, the application runs very well and all the features work. When I tried to run the .exe on another computer, the database side doesn't work well and the connection with the database couldn't be opened. The SqlConnection is constructed as follows: SqlConnection cn = new SqlConnection("Data Source=ADAM-PC;Initial Catalog=integrationdatabase;Integrated Security=True" I don't know how to change the data source to make the connection with the database established in another computer. How can I solve this problem?

  Read the article

• file_get_contents() returns "failed to open stream" when hitting HTTPS

  - by TMC

  file_get_contents() is returning "failed to open stream" when I call it on an HTTPS URL. Warning: file_get_contents(https://google.com) [function.file-get-contents]: failed to open stream: No error in E:\\htdocs\callback3.php on line 5 Same call will work with a non-SSL URL. At first, I thought it was a security issue with my webhoster, but I have verified with phpinfo() that allow url open is indeed allowed. I have also tried this code and verified it works: Anyone have any ideas why file_get_contents() is failing with an HTTPS URL? update: People correctly pointed out this was an HTTPS issue. My webhoster claims this should work, and has no idea how to resolve this. Anyone have specific directions I can give them for their IIS7 setup?

  Read the article

• How can I provide links to intranet files through ASP.net?

  - by PhoenixWright

  Conditions: The files must be opened outside of the window that the link to them is in. I have tried href, but when I give it an intranet link it only opens correctly if I leave out target="_blank"; if I put that in, the new window that opens doesn't receive the full link if there is a pound sign in the filepath... a direct link to the intranet address \a\b\c#c.txt would be fine with me; there is no concern about security, but I can't seem to get that to happen in a new window. It seems like this is happening when I don't create a new window, but I can't utilize the same window to open the links. Any ideas?

  Read the article

• Taking web page screen shot in Windows 8 Metro app

  - by Megan

  I'm trying to take screen shot of web page in Windows 8 Metro app. So far the only helpful control is the WebView. Unfortunately it does not contain any method like DrawToBitmap (known from Forms WebBrowser control). Am I missing something? Different approach would focus on injecting some JS (e.g. html2canvas) to page rendered in WebView but I don't think it is possible due to security reasons. I would greatly appreciate any help.

  Read the article

• Using WPF class in a web application, problem with hosting permission

  - by tanathos

  I'm developing a DLL that uses WPF classes to make image manipulation. It works fine in my local environment, but when I try to use it in an hosted web site I retrieve this error: Request for the permission of type 'System.Security.Permissions.MediaPermission, WindowsBase, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' failed. exactly when I try to call the EndInit() of a BitmapImage object: BitmapImage originalImage = new BitmapImage(); originalImage.BeginInit(); originalImage.CacheOption = BitmapCacheOption.OnLoad; originalImage.UriSource = new Uri(physical_imagepath); originalImage.EndInit(); Any suggestion?

  Read the article

• RUP (Rational Unified Process)

  - by tony

  I have chosen to use the development method RUP (Rational Unified Process) in my project. This is a method I've never used before. I've also included some elements from Scrum in the development process. The question is what the requirement specifications should contain in a RUP-model? Is it functional and non-functional requirements? And what should be included in a technical analysis and security requirements for RUP? Can’t find any information. Notes about this would be helpful. Hope people with RUP experience can share some useful experiences

  Read the article

• can I prohibit users from loading swf files by AS3 / Flash Loader.load() and only allow loading imag

  - by EndangeringSpecies

  I want to have an AS3 app load images from url supplied by the user. But I don't want a malicious user to be able to load an SWF file in place of the image, such as with an altered extension "maliciousSwf.png". Well, not sure how big a security threat that is above and beyond the ability of the hacker to decompile swf, but I think that ideally such behavior should not be allowed. So, is there any way to prevent this? When people allow users to load images in their Flash apps, do they somehow guard against loading of SWF? Or is this really absolutely no big deal?

  Read the article

• Browser application & local file system access

  - by Beyond HTML

  I want to enhance my browser-based web application with functionality that enables management of local files and folders. E.g. folder tree structures should be synchronized between local workstation and server via HTTP(S). I am aware of security-related limitations in browser-based applications. However, there are some techniques that "work around" these issues: Signed Java applets (full trust) .NET Windows Forms browser controls (no joke, that works. Just the configuration is horrible) ActiveX My question is: What do you use/suggest, both technology and implementation practice? Key requirement is that the installation process is as simple as possible. Thanks for your opinions!

  Read the article

• What's wrong in this SELECT statement

  - by user522211

  Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Dim SQLData As New System.Data.SqlClient.SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True") Dim cmdSelect As New System.Data.SqlClient.SqlCommand("SELECT * FROM Table1 WHERE Seats ='" & TextBox1.Text & "'", SQLData) SQLData.Open() Using adapter As New SqlDataAdapter(cmdSelect) Using table As New Data.DataTable() adapter.Fill(table) TextBox1.Text = [String].Join(", ", table.AsEnumerable().[Select](Function(r) r.Field(Of Integer)("seat_select"))) End Using End Using SQLData.Close() End Sub This line will be highlighted with blue line: TextBox1.Text = [String].Join(", ", table.AsEnumerable().[Select](Function(r) r.Field(Of Integer)("seat_select")))

  Read the article

• iFrames and Cookies

  - by Tom

  I have a site on A.com and an iframe on B.com which reads info from A.com. I realize that there is some problems with third party cookies, iframes and P3P - particularly in Safari [my problem] Is it possible to instead, use AJAX or a hidden iFrame to pass the cookie information from A.com to B.com which will then "recreate" another cookie with the same information on the iframe in B.com. I am trying to do this for authenication - i.e. a user is logged in on A.com and then goes to b.com and the iframe is also logged in ? I was hoping to perhaps pass the data in a hidden iframe and "recreate" the cookie in the iframe on B.com using JavaScript? Is this possible ? Security issues ? What about HTTPS?

  Read the article

• Can a Client Link to My JavaScript, Hosted on a Different Domain?

  - by DaveDev

  Is it possible for me to supply a client with a snippet of HTML which contains a reference to a javascript file that I host? They want to paste this HTML into their CMS, so that when their page loads, it'll load our content. I was under the impression that there was cross domain security preventing this from being possible. What if, instead of linking to the JavaScript, I gave them the snippet of HTML with the JavaScript already included so instead of <div> <!-- link to js --> </div> I gave them <div> $.get(/*url to my content*/); </div> Would that work?

  Read the article

• Creating a simple wcf service publishing it to my webhotel, and get it to work

  - by H4mm3rHead

  Hi, This seems to be a recurring problem to me. I want to get started doing wcf services. I create a new Wcf Service Library, compile it, and publish it using FTP to my providers webhotel. But its not working. I somehow cant get access. I dont want some fancy security model - i just want to get a hole through to my simple webservice. Seems that its the part when i publish it to my webhotel (in a subdomain) that breaks the webservice - its working perfectly when starting it locally. How to proceed anyone?

  Read the article

• Accessing an RSS feed in Flex, works when run from Flash Builder 4, but not when the project is onli

  - by ben

  Hey guys, In my Flex 4 app, I access an RSS feed (I'm using http://news.ycombinator.com/rss as a dummy). It works okay when I run it from Flash Builder 4, but if I export the project and upload it, I get the following error when it tries to load the RSS feed: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: my_website_url cannot load data from http://news.ycombinator.com/rss. What could be causing this error? Shouldn't RSS be able to be accessed from anywhere? Thanks for reading.

  Read the article

• Using JavaScript to change the URL used when a page is bookmarked...

  - by user30997

  JavaScript doesn't allow you to update window.location without triggering a reload. While I agree with this policy in principle (it shouldn't be possible to visit my website and have JavaScript change the location bar to read www.yourbankingsite.com,) I believe that it should be possible to change www.foo.org/index to www.foo.org/help. The only reason I care about this is for bookmarking. I'm working on a photo browser, and when a user is previewing a particular image, I want that image to be the default if they should bookmark that page. For example, if they are viewing foo.org/preview/images0-30 and they click on image #15, that image is expanded to a medium-sized view. If they then bookmark the page, I want the bookmark URL to be foo.org/preview/images0-30/active15. Any thoughts, or is there a security barrier on this one as well? I can certainly understand the same policy being applied here, but one can dream.

  Read the article

• Using WiX, how do I change a property of a subfolder of a virtual directory?

  - by Joergen Bech

  I have a hierarchy of Directory elements in a WiX script. I also have a component that creates a virtual directory (using IIS:WebVirtualDir), which points to the root of my Directory hierarchy. How do I change a property (e.g. AnonymousAccess) of a subfolder of the virtual directory, e.g. MyVirtualDir <<< this is the virtual directory root MyVirtualDir\MySubFolder <<< this is the subfolder for which I wish to change a property using WebDirProperties Please note that I do not wish to create a new virtual directory for the subfolder. I only wish to change a few security settings. The current script is too big to post here, but take a look at the WiX tutorial: 5.3 Web Directory. Suppose in that example that there was another Directory element named "MySubFolder" nested within the "InstallDir" element. What would then be the next step in order to set properties for "MySubFolder" without turning it into a virtual directory?

  Read the article

• How do I get the current location of an iframe?

  - by studiothat

  I have built a basic data entry application allowing users to browse external content in iframe and enter data quickly from the same page. One of the data variables is the URL. Ideally I would like to be able to load the iframes current url into a textbox with javascript. I realize now that this is not going to happen due to security issues. Has anyone done anything on the server side? or know of any .Net browser in browser controls. The ultimate goal is to just give the user an easy method of extracting the url of the page they are viewing in the iframe It doesn't necessarily HAVE to be an iframe, a browser in the browser would be ideal. Thanks, Adam

  Read the article

• What alternatives are there for asp.net forms authentication?

  - by Eytan Levit

  Hi, We are developing a web app that will have a pretty complex user and permission system. The general idea is that we have 3 levels of security: a simple user - that can only access basic data that is in a data repository a manager - that can open up data repositories a superuser - that can open up repository factories. each repository contains various data types(text, images, etc etc). We are looking for authentication methods that will allow us: 1. Scalability. 2. Customization. 3. To create permissions that will effect the GUI + deny access to certain pages. 4. To create predefined roles - that will allow for easy setup of new users. 5. To create custom roles for specific users - allowing them permission sets that are different from the predefined roles. Thanks in advance

  Read the article

• Communication via internet in Java

  - by Stuart

  What I mean is like servers on video games. You can run an application and it will set up a server on your computer with an IP and a port. For example, how would you make an application where one host application sets up a thing where it has an IP and a port, and another computer that has access to the internet as well can type in the IP and port and it would be able to communicate with the host? I mean simple communication, like sending a boolean or String. And would there be any security problems that would be needed to fix?

  Read the article

• Eval IronPython Scripts during ASP.NET Web Request; Static Engine or Not

  - by Josh Pearce

  I would like to create an ASP.NET MVC web application which has extensible logic that does not require a re-build. I was thinking of creating a filter which had an instance of the IronPython engine. What I would like to know is: how much overhead is there in creating a new engine during each web request, and would it be a better idea to keep a static engine around? However, if I were to keep a single static engine around, what are the issues I might run into as far as locking and script scope? Is it possible to have multiple scopes in the same IropPython engine so I don't get variable collision and security issues between web requests?

  Read the article

• App.config settings, environment variable as partial path

  - by Jean-Bernard Pellerin

  I'm new to tinkering with app.config and xml, and am currently doing some refactoring in some code I haven't written. Currently we have a snippet which looks like this: <setting name="FirstSetting" serializeAs="String"> <value>Data Source=C:\Documents and Settings\All Users\ApplicationData\Company ...;Persist Security Info=False</value> What I'd like to do is have it instead point to something like ${PROGRAMDATA}\Company\... How can I achieve this, keeping in mind that PROGRAMDATA will not always point to C:\ProgramData ?

  Read the article

• CryptGenRandom to generate asp.net session id

  - by DoDo

  Hi! does anyone have working example of CryptGenrRandom class to generate session id (need to use in my iis module). HCRYPTPROV hCryptProv; BYTE pbData[16]; if(CryptAcquireContext( &hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if(CryptGenRandom(hCryptProv, 8, pbData)) { std::string s(( const char *) pbData); printf(s.c_str()); } else { MyHandleError("Error during CryptGenRandom."); } } else { MyHandleError("Error during CryptAcquireContext!\n"); } i tried this code but, its not working quite well (i get it from msdn) and this example don't work for me ( http://www.codeproject.com/KB/security/plaintextsessionkey.aspx ) so if anyone know how to generate sessionid using this class plz let me know tnx anyway!

  Read the article

• Symfony 2 - UrlGenerator::doGenerate is called before listener

  - by guyaloni

  I want to add to the context a parameter, so when login is called I can use it in the route (similar to _locale). I can add this piece of code in HttpUtils.php (as resetLocale), but i don't find it very clean. The reason I need it is the firewall redirection to the login controller, which I would like to have in its route a customized parameter. My problem is that my listener is called after UrlGenerator::doGenerate is called, so I get a MissingMandatoryParametersException. Here is my config.yml relevant code: services: mycompany.demobundle.listener.request: class: MyCompany\DemoBundle\RequestListener arguments: [@router, @security.context] tags: - { name: kernel.event_listener, event: kernel.request, method: onKernelRequest } Any idea???

  Read the article

< Previous Page | 407 408 409 410 411 412 413 414 415 416 417 418  | Next Page >