Search Results

Search found 13222 results on 529 pages for 'security gate'.

Page 414/529 | < Previous Page | 410 411 412 413 414 415 416 417 418 419 420 421 | Next Page >

Deploying plugins for Internet Explorer

- by Techpriester

Hi everybody. I'm looking for a way to deploy an Internet Explorer plugin for SVG-rendering without manually installing it on every client machine. Is there a way to use some ActiveX voodoo stuff to automatically install a plugin? I have no reliable information about the IE versions that are used on the client side so I assume the worst: IE6. To make things even harder, the users probably don't have administrator privileges on the client machines. The whole thing happens in an enclosed local network, so security considerations are entirely secondary. It also does not really matter which actual plugin it will be, anything that can render SVG and run Javascript on it will do just fine. I can't think of anything to make this work so I'm desperate for help here...

Read the article
Validating/Allowing YouTube Embed Code

- by mellowsoon

Hi, hopefully this is a simple question. I have a simple custom forum on my site written in PHP. For security reasons I don't allow any HTML in the forum posts. I only allow certain BBCode tags. I would however like to allow embedded YouTube videos. So my question is this: What's the best (most secure) way to validate the YouTube embed code? YouTube is currently using iframes to embed videos, but obviously I can't just allow the iframe tag. I also need to ensure the src of the iframe is a YouTube URL, and ensure there's no other malicious bits of code in the iframe code.

Read the article
how do you get the response back into the instance of the object?

- by randomdev

If you've written a class in JavaScript that calls a remote service's API, and that remote API offers a callback, how do you get the response back into the instance of the object that made the request? I'll try to give you a very basic example FOO for making cross domain calls to BAR service which offers a callback. Please ignore the usual security concerns, (I own both servers). function FOO() { this.response = null; this.execute = function(url) { var script = document.createElement('script'); script.src = url; document.getElementsByTagName('head')[0].appendChild(script); } this.catch = function(response) { this.response = response; } } var sample = new FOO(); sample.execute('http://barservices.com/sample/?callback={ plshelphere: this.catch}'); I have a way to make this work, but I'm curious if there is an "accepted approach" here. Anyone have thoughts for me?

Read the article
Drupal does not recognize my website has been installed

- by Marcos Buarque

After a successful Drupal install, I was trying to follow the security recommendations and reverted the settings.php file to 444 permissions (read, read, read). Then, all of a sudden, right after doing that, Drupal does not recognize the installation process was completed. It went back to the install screen. Worst of all. I did chmod back to 666 (write, write, write) but it does not work any more. When I move forward as if I was going to install Drupal again, he tells me he does not have permissions to create the files folder under sites/default... But since the installation has already been completed... the files folder is already there... I am puzzled... Could it be some sort of server caching? Since this is one of my first adventures with a Linux server, I am a bit confused. Any help appreciated... Thanks.

Read the article
Subversion post-commit hook

- by GeoSQL

I am trying to get SVN to copy files to my htdocs folder on commit. Here is what I have so far in my post-commit.bat: "C:\subversion\bin\svn.exe" update "C:\apache\apache2.2\htdocs" When I look at the log files created by the hook I get the following line: Skipped 'C:\Apache\Apache2.2\htdocs' Does anyone know why this is happening? No matter what directory I choose as a destination, I get the same error. I am running SVN 1.6.4, Tortoise 1.6.8, Apache 2.2, WinXP SP3 I am not using username and password because there is no security set up on the SVN repository. It's just me developing. Thanks

Read the article
Hooking a synchronous event handler on a form submit button in JS

- by Xzhsh

Hi, I'm working on a security project in javascript (something I honestly have not used), and I'm having some trouble with EventListeners. My code looks something like this: function prevclick(evt) { evt.preventDefault(); document.loginform.submitbtn.removeEventListener('click',prevclick,false); var req = new XMLHttpRequest(); req.open("GET","testlog.php?submission=complete",false); req.send(); document.loginform.submitbtn.click(); //tried this and loginform.submit() } document.loginform.submitbtn.addEventListener('click',prevclick,false); But the problem is, the submit button doesn't submit the form on the first click (it does, however, send the http request on the first click), and on the second click of the submit button, it works as normal. I think there is a problem with the synchronization, but I do need to have the request processed before forwarding the user to the next page. Any ideas on this would be great. Thanks in advance.

Read the article
Update database in asp.net not working

- by Badescu Alexandru

Hello ! i have in asp.net a few textboxes and i wish to update my database with the values that they encapsulate . The problem is that it doesn't work and although it doesn't work, the syntax seems correct and there are no errors present . Here is my linkbutton : <asp:linkbutton id="clickOnSave" runat="server" onclick="Save_Click" Text="Save Profile" /> and my update function protected void Save_Click(object sender, EventArgs e) { SqlConnection con = new System.Data.SqlClient.SqlConnection(); con.ConnectionString = "DataSource=.\\SQLEXPRESS;AttachDbFilename=C:\\Users\\alex\\Documents\\seeubook_db.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True"; con.Open(); String commandString = "UPDATE users SET last_name='" + Text4.Text.Trim() + "' , first_name='" + Textbox1.Text.Trim() + "' , about_me='" + Textbox5.Text.Trim() + "' , where_i_live='" + Textbox2.Text.Trim() + "' , where_i_was_born='" + Textbox3.Text.Trim() + "' , work_place='" + Textbox4.Text.Trim() + "' WHERE email='" + Session["user"] + "'"; SqlCommand sqlCmd = new SqlCommand(commandString, con); sqlCmd.ExecuteNonQuery(); con.Close(); }

Read the article
authorization services question cocoa

- by Marius

Sorry for being a total beginner in cocoa and for asking the following stupid question, but it's too confusing for me to google it myself or maybe i'm just missing something. I need to run a shellscript with elevated privileges in cocoa. As i understand, "AuthorizationExecuteWithPrivileges" is the correct way to do it. So i've created an application and tried to use some code from one example i found online. The problem is ... if i understand it correctly ... there should be a Security framework in /System/Library/Frameworks that i have to import to the project, but ... it's not there. What am i missing here? Thank you.

Read the article
Problem with bluetooth service in J2ME don't discoverable

- by Fran

Hi! I try to create a service with: LocalDevice localDevice = LocalDevice.getLocalDevice(); localDevice.setDiscoverable(DiscoveryAgent.GIAC); String url = "btl2cap://localhost:"+uuid.toString()+";name="+name+";authorize=true;authenticate=true;encrypt=true"; L2CAPConnectionNotifier notifier = (L2CAPConnectionNotifier)Connector.open(url); ServiceRecord = localDevice.getRecord(notifier); // Set some attributes // ... conn = notifier.acceptAndOpen(); //... I run this code on a Nokia 5800 and Nokia 2760, with 5800 I can see 2760, but not vice versa, I don't know what is the problem, I have think security problems... Any ideas? Thanks!

Read the article
How long until programming becomes a professionally certified (and respected as such) skill such as

- by Michael Campbell

Given Toyota's recent issues and the ENORMOUS amount of safety that is being relegated to computers, how long do you think it will be before programming, or perhaps programming certain things (embedded transportation software, (air) traffic control, electrical grid, hospital equipment, nuclear plant security, planes, etc.) becomes regulated? And/or, how long before there will be certain regulated certifications before you can call yourself a "software developer", like Architects and Engineers have now? (NB: I'm from the US, so I don't know how it works in other countries; please forgive my ignornace.)

Read the article
CouchDB read authorization

- by mdikici

In couchdb website - technical overview - security and validation - http://couchdb.apache.org/docs/overview.html - it writes that (on reader access part) "To protect document contents, CouchDB documents can have a reader list. This is an optional list of reader-names allowed to read the document. When a reader list is used, protected documents are only viewable by listed users." I searched about how to use it but i found nothing. So is it actually used and if it is how? Thanks. -- Mustafa

Read the article
javascript button click casuing Internet Explorer secuirty exception...

- by hp

Hello, I have a application that allows a user to choose some parameters for a powerpoint report, run the report, then allow the user to "save" or "open" the powerpoint file. I got all of that working OK. When you click on "run" report, it pops open a window which generates the report, stores it in session, then closes the window. I have a button on the main page that will export the report. So, now, when the pop up window that generates the report is finished, i use "window.opener" to call a javascript method on the main page, that will do a javascript click of the button. when this button is pressed, Internet Explorer gives me the following message : "To help protect your security, Internet Explorer blocked this site from downloading files to your computer.." Do you guys know of any tricks around this?

Read the article
Web Form based login in Java

- by BrunoLM

How can I block access to the site if a user is not logged in? Under web.xml Security I checked Form authentication then I selected Login and Error page, but I don't know how to block the access and redirect the user to the login page. Do I need a filter? If so, how can I get the login url I specified? And how should I call the validation method? I saw in some examples this code <form method=post action="j_security_check"> <input type="text" name="j_username" /> <input type="password" name="j_password" /> </form> What does it do?

Read the article
Is SHA sufficient for checking file duplication? (sha1_file in PHP)

- by wag2639

Suppose you wanted to make a file hosting site for people to upload their files and send a link to their friends to retrieve it later and you want to insure files are duplicated where we store them, is PHP's sha1_file good enough for the task? Is there any reason to not use md5_file instead? For the frontend, it'll be obscured using the original file name store in a database but some additional concerns would be if this would reveal anything about the original poster. Does a file inherit any meta information with it like last modified or who posted it or is this stuff based in the file system? Also, is using a salt frivolous since security in regards of rainbow table attack mean nothing to this and the hash could later be used as a checksum? One last thing, scalability? initially, it's only going to be used for small files a couple of megs big but eventually... Edit 1: The point of the hash is primarily to avoid file duplication, not to create obscurity.

Read the article
Is it safe to develop for older versions of Zend Framework?

- by RenderIn

Our vendor-supported server's O/S only supports PHP 5.1.6, which limits us to ZF 1.6. The current version of Zend Framework requires a higher version of PHP. We're struggling to decide whether to adopt ZF because of this incompatibility. Is it feasible to develop (indefinitely) in these older versions of ZF or should we hold off? Features, security, bugs, etc. Is this a path we don't want to go down or are these older versions perfectly usable in a production environment?

Read the article
Windows Server 2008 Antivirus Software with an API

- by Dave Jellison

I'm looking for an Antivirus package that is compliant with Windows Server 2008. That's not the hard part. What I need is an API layer on the Antivirus that i can call from managed .net code. For example: I am developing an Asp.Net (C#) website that allows users to upload files to the web server which the web site resides on. We have full control of the server so there are no security/rights issues on the server. I need to be able to run the antivirus algorithm on the newly uploaded files without (hopefully) shelling out to a command-ilne version of the software. Does anyone know of such a package?

Read the article
Should I use "id" or "unique username"?

- by roa3

I am using PHP, AS3 and mysql. I have a website. A flash(as3) website. The flash website store the members' information in mysql database through php. In "members" table, i have "id" as the primary key and "username" as a unique field. Now my situation is: When flash want to display a member's profile. My questions: Should Flash pass the member "ID" or "username" to php to process the mysql query? Is there any different passing the "id" or "username"? Which one is more secure? Which one you recommend? I would like to optimize my website in terms of security and performance.

Read the article
Html how to make a part on iframe, unvisible and unclickable externally? (my idea)

- by ozan

I have a page (A) including a BUTTON with a function close_window() , however when I embed A to my main page (B) using iframe, the close_window() can't work as expected since there is no more window anymore, and I am not able to remove the button from the iframe since A is on another domain (Security issues prevents). What I want to do is make this button label invisible. And the only way I think is to put a white image just to the place where that button exists on my iframe, externally. is Smthing like that possible? I want the image to be on the top of iframe? Or do you have any other idea ? Thanks for helps.

Read the article
Pros and Cons of Proprietary Software

- by Jon Purdy

Proprietary software is about as good as open-source software. There are so many problems with proprietary technologies, however, that I'm beginning to think it's best to avoid them: The software will only be maintained as long as the company exists (and profits). The level of security of the application is as unknowable as the source code. Alterations and derivative works, however necessary and beneficial, are disallowed. I simply don't see any point in even learning to use such systems as those created by Microsoft and Apple. Of course I don't pretend that ignorance is the superior option: one has to have a certain working knowledge simply because of the ubiquity of these things. I just don't see any reason why, as an independent developer, I should ever consider it a remotely good idea to actually use them. So that's the question, or discussion topic, or what have you: In what ways do developers benefit at all from using closed-source development software?

Read the article
whatz wrong in this SELECt query of MSSQL... ?

- by user522211

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Dim SQLData As New System.Data.SqlClient.SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True") Dim cmdSelect As New System.Data.SqlClient.SqlCommand("SELECT * FROM Table1 WHERE Date =" & TextBox1.Text & "'", SQLData) SQLData.Open() Dim dtrReader As System.Data.SqlClient.SqlDataReader = cmdSelect.ExecuteReader() While dtrReader.Read() For j As Integer = 1 To 31 Dim s As String = "s" & j If dtrReader(s.ToString()).ToString() = "b" Then Dim img As ImageButton = DirectCast(Panel1.FindControl(s.ToString()), ImageButton) img.ImageUrl = "~/Images/booked.gif" img.Enabled = False End If Next End While dtrReader.Close() SQLData.Close() End Sub SHOWS AN ERROR : Unclosed quotation mark after the character string ''.

Read the article
How can I clean up this SELECT query?

- by Cruachan

I'm running PHP 5 and MySQL 5 on a dedicated server (Ubuntu Server 8.10) with full root access. I'm cleaning up some LAMP code I've inherited and I've a large number of SQL selects with this type of construct: SELECT ... FROM table WHERE LCASE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( strSomeField, ' ', '-'), ',', ''), '/', '-'), '&', ''), '+', '') ) = $somevalue Ignoring the fact that the database should never have been constructed to require such a select in the first place, and the $somevalue field will need to be parameterised to plug the gaping security hole, what is my best option for fixing the WHERE condition into something less offensive? If I was using MSSQL or Oracle I'd simply put together a user-defined function, but my experience with MySQL is more limited and I've not constructed a UDF with it before, although I'm happy coding C. Update: For all those who've already raised their eyebrows at this in the original code, $somevalue is actually something like $GET['product']—there are a few variations on the theme. In this case the select is pulling the product back from the database by product name—after stripping out characters so it matches what could be previously passed as a URI parameter.

Read the article
Problem with commit in sharpsvn

- by zhangxiaoning

Hi,I'm a programmer in china. I want to commit the changes of a working copy in my computer to the repository. The repository is in an URL and i´m doing this now: using (SvnClient client = new SvnClient()){ string path = @"C:\testdelete\test.java"; client.Delete(path); client.Authentication.Clear(); // Clear predefined handlers client.Authentication.UserNamePasswordHandlers += delegate(object obj, SharpSvn.Security.SvnUserNamePasswordEventArgs args) { args.UserName = "username"; args.Password = "password"; }; var uri = client.GetUriFromWorkingCopy(path); if (uri != null) { SvnCommitArgs args = new SvnCommitArgs(); args.ThrowOnError = true; args.ThrowOnCancel = true; client.Commit(path, args);//here throw a SvnOperationCanceledException } } But it doesn´t work,Why?Thanks!

Read the article
Best language to develop medical software

- by Grace

I need to write medical program to manage medical practices (patient records, appointments, prescription, etc). Note that this is not for US practices so US EMRs will not work. What is the best platform to develop the software in ie. language and database? Considerations include: - Integration with the web - will need to have Doctors download updates to the software from the web. Will also post reports from the software unto webpages - The software will include a mobile application - probably for Blackberry - Cost is a big factor - need to minimize the license cost to the users - Need tight security on the program

Read the article
Android sending SOAP object over Https via ksoap2 2.5.8

- by Jack-V

My first time posting a question here so please do not mind my mistakes here. I'm currently making an android application fetching and sending information from a .asmx web service. Everything goes well with the ksoap2 library and am using HttpTransportSE to call the web service. So now what I'm trying to do is to use the HttpsTransportSE to call the web service over Https. I got java.security.cert.certpathvalidatorexception trustanchor for certpath not found exception. I have the server certificate in .pfx , .jks and .bks format. My questions is what do i do with it to make my HttpsTransportSE call to be success? I've read around with articles using custom SSLSocketFactory but am still not sure how to implement it in my application. Thanks in advance for any suggestion/advices

Read the article
I don't seem to have an ASPNET user account running on my machine.

- by pkiyan

Hi: I'm reading up on ASP.NET, and just came to a chapter that explains how to upload a file to your website. It says that in order to save a file to your file system, in the case of every OS except Win Server '03, an ASP.NET page executes in the security context of the ASPNET account. I don't have an ASPNET account running on my machine (win xp pro sp3; .NET 3.5). The program runs fine, by the way, I'm just trying to understand what an ASPNET account is exactly, and why it doesn't seem to show up on my list of user accounts. Thanks.

Read the article

< Previous Page | 410 411 412 413 414 415 416 417 418 419 420 421 | Next Page >