Search Results

Search found 1701 results on 69 pages for 'cookie'.

Page 54/69 | < Previous Page | 50 51 52 53 54 55 56 57 58 59 60 61  | Next Page >

• Cookies ignored on Apache/Magento installation

  - by Laizer

  I'm running a Magento based website store on Linux/Apache. In order that user logins are maintained, I've set my cookie lifetime to be close to two years. The cookies are sent out with the right times, I can see them in my browsers. When I visit the site from a previously logged-in browser after about a day, the user is logged out. I can still see the cookies, with their extended life, present in the browser. Where should I start looking to get to the bottom of this issue?

  Read the article

• Care to be taken when serving static content (JS, CSS, Media) from different domain?

  - by Aahan Krish

  Let me try to explain by example. Say website is hosted at example.com (NOT www.example.com). In order to serve static content cookie-free, I've chosen to use a different domain example-static.com. Now, lets consider that my static content is currently served like this: http://example.com/js/script.js http://example.com/css/style.css http://example.com/media/image.jpg ** Now I create a CNAME record aliasing example-static.com to my main domain i.e. example.com so that the static content is served as such: http://example-static.com/js/script.js http://example-static.com/css/style.css http://example-static.com/media/image.jpg ** Is that all I have to do? Will all browsers execute JavaScript files and load web fonts without any security concerns? OR should I be using some .htaccess rules to modify header information and the like? PS: It would be great if you can provide what rules should be added, if need be.

  Read the article

• How I Can do web programming with Lisp or Scheme?

  - by Castro

  I usually write web apps in PHP, Ruby or Perl. I am starting the study of Scheme and I want to try some web project with this language. But I can't find what is the best environment for this. I am looking for the following features: A simple way of get the request parameters (something like: get-get #key, get-post #key, get-cookie #key). Mysql access. HTML Form generators, processing, validators, etc. Helpers for filter user input data (something like htmlentities, escape variables for put in queries, etc). FLOSS. And GNU/Linux friendly. So, thanks in advance to all replies.

  Read the article

• Security for web services only used from a Silverlight application?

  - by Lasse V. Karlsen

  I have googled a bit for how I should handle security in a web service application when the application is basically the data repository for a Silverlight application, but have gotten inconclusive results. The Silverlight application is not supposed to have its own user authentication, since it will be reachable only through a web application that the user have already authenticated to get into. As such, I was thinking I could simply add a parameter to the SL application that is a cookie-type value, with a certain lifetime, linked to the user in the database. The SL application would then have to pass this value alongside other parameters to the web services. Since the web service is hopefully going to be a generic web service endpoint, few methods, adding an extra parameter at this level will not be a problem. But, am I supposed to roll this system on my own? It sounds to me as this isn't exactly new features that nobody has considered before, so what are my options?

  Read the article

• How to return dynamic CSS with ASP.NET MVC?

  - by Morten Mertner

  I need a solution that lets me accomplish the following: Returning CSS that is dynamically generated by an action method Choosing CSS file depending on request parameter or cookie Using a tool to combine and compress (minify) CSS I am currently considering why there is no CssResult in ASP.NET MVC, and whether there might be a reason for its absence. Would creating a custom ActionResult not be the best way to go about this? Is there some other way that I've overlooked to do what I need? Any other suggestions or hints that might be relevant before I embark on this task will also be appreciated :)

  Read the article

• MVC Forms Authentication with custom database

  - by AndrewVos

  I'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this: if (PasswordHasher.Hash(password) == dataUser.Password) { FormsAuthentication.SetAuthCookie(email, true); return true; } The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset. I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.

  Read the article

• Django i18n: makemessages only on site level possible?

  - by AndiDog

  I have several strings in my site that don't belong to any app, for example {% block title %}{% trans "Login" %}{% endblock %} or a modified authentication form used to set the locale cookie class AuthenticationFormWithLocaleOption(AuthenticationForm): locale = forms.ChoiceField(choices = settings.LANGUAGES, required = False, initial = preselectedLocale, label = _("Locale/language")) Now when I execute django-admin.py makemessages --all -e .html,.template in the site directory, it extracts the strings from all Python, .html and .template files, including those in my apps. That is because I develop my apps inside that directory: Directory structure: sitename myapp1 myapp2 Is there any way to extract all strings that are not in my apps? The only solution I found is to move the app directories outside the site directory structure, but I'm using bzr-externals (similar to git submodules or svn externals) so that doesn't make sense in my case. Moving stuff that needs translation into a new app is also possible but I don't know if that is the only reasonable solution.

  Read the article

• Can you pass _POST variables from 1 server to another?

  - by Dr. DOT

  I have a web form on an IIS server (has no PHP). I have a PHP script on a LAMP server. My _POST var array is coming up empty on the LAMP server. My suspicion is I cannot pass POST vars from 1 server to another but I would like to have that confirmed. Does anyone know the answer to this? If that's the case then I know I need to with use _GET vars in the URL's Query String or set a cookie (which I can do because both servers are config'd with the domain name). Thanks for your help.

  Read the article

• Expiring an IE session using WatiN

  - by Steve Wilkes

  I'm trying to write an acceptance test using WatiN which checks that a user is redirected to the login page if they navigate to a page after their session times out. I'm using WatiN's IE class for the browser, and trying the following: // 1. Login // 2. Do this: Browser.ClearCookies(); Browser.ClearCache(); // 3. Navigate to a different page But the user is always still logged in. Other info: I'm running the test through the NUnit GUI running as an administrator It's an ASP.NET MVC 3 site, using forms authentication and in-process session state I'm using IE9. If I manually clear all cookies in Chrome, the user is logged out If I manually clear all cookies in IE the user stays logged in If I call Browser.Eval("alert(document.cookie)"); in IE it alerts an empty string Given the above, I'm assuming this is a quirk with IE; any ideas how I can work around it?

  Read the article

• Why do I have a page hit for 404.php after each legitimate pagehit?

  - by Nathan Long

  I'm working with an intranet system that, on each page, checks the user's cookie, verifies that they can see the current page based on database permissions, and records a page hit that includes their id and the page URL. I just noticed that in the pagehits table, I see an entry for 404.php (my custom 404 page specified in the Apache config) one second after each legitimate page hit. Is this probably my fault, or does it have something to do with how Apache decides to load the 404 page? I'm using Apache 2.2.14 (Win32) and PHP 5.3.2.

  Read the article

• ASP NET forms Authorization: how to reduce duration?

  - by eddo

  I've got a web page which is implementing cookie based ASPNET Forms Authentication. Once the user has logged in the page, he can edit some information using a form which is created using a partialview and returned to him as a dialog for editing. The action linked to the partial view is decorated as follows: [HttpGet] [OutputCache(Duration = 0, VaryByParam = "None")] [Authorize(Roles = "test")] public ActionResult changeTripInfo(int tripID, bool ovride=false) { ... } The problem i am experiencing is the latency between the request and the time when the dialog is shown to the user: time ranges between 800 and 1100 ms which is not justified by the complexity of the form. Investigating with Glimpse turns out that the time to process the AuthorizeAttribute (see snip) sums up to at least 650 ms which is troubling me. Looking at the Sql server log, the call which checks the user roles takes, as expected, virtually nothing (duration 0). How can I reduce this time? Am I missing some optimization?

  Read the article

• ASP MVC: Keeping track of logged in users.

  - by user323395

  I'm creating a ASP MVC application. And because of the complex authorization i'm trying to build my own login system. (So i'm not using asp membership providers, and related classes). Now i'm able to create new accounts in the database with hashed passwords. But how do i keep track that a user is logged in. Is generating a long random number and putting this with the userID in the database and cookie enough? Sorry for my rather bad english! Ty in advance :)

  Read the article

• What are the alternatives for Java authentication?

  - by Crusader

  Preferably something that integrates well with a Flex front end. Yes the Spring Security guys say this is possible, but all examples seem to use legacy jsp tag libraries making them half useless as examples. I don't want to spend a month setting up and learning how to use a security tool. I would like a tool which supports using annotations (@RolesAllowed etc), MINIMAL XML, and 'remember-me' features (not cookie based). Apache Shiro seems to support Flex/Silverlight/Swing as well but I'd like to know if there are any other alternatives that are NOT container specific.

  Read the article

• I have three different websites and I want to create a single entry point for all of them but how?

  - by austin powers

  Hi all, We are creating three different websites using asp.net but for the user part we want to implement an approach so that each user only need to create an account in any of these three sites but use the same account in other websites too. here is what I've suggested : create a useracount.website.com server then put the sql server there and implement core user account library there such as (creating/editing/etc...) whenever a visitor needs to have an account or needs to login into out sites then we will redirect him to the useracount.website.com address and he/she should login from that point. and for the maintaining the user's states I've suggested to using cookies. and all of these scenarios should be implemented by asp.net and sql. please let me know with best approach cause I feel mine is not that good specially the cookie part. cheers.

  Read the article

• format.js response doesn't execute

  - by Denis

  Hi, I use Rails 3.0.0 Beta following an action, my rjs view returns a javascript, but the code is not executed In firebug I see in my response $('polaroids').insert("<li>\n <a title=\"4204497503_a0c43c561d.jpg\" href=\"#\">\n <img alt=\"4204497503_a0c43c561d.jpg\" src=\"/system/photos/279/original/4204497503_a0c43c561d.jpg?1268857318\" />\n <\/a>\n<\/li>") Here is the response header Response Headers Etag "7343b21b2f062fb74b7d5f32e3a83c2c" Connection Keep-Alive Content-Type text/javascript; charset=utf-8 Date Wed, 17 Mar 2010 20:21:58 GMT Server WEBrick/1.3.1 (Ruby/1.8.7/2008-08-11) X-Runtime 0.060497 Content-Length 220 Cache-Control max-age=0, private, must-revalidate Set-Cookie _photos_session=BAh7ByIQX2NzcmZfdG9rZW4iMS9OWnpOZUR6UGQ2UDhvbGt5YWpTWXhJcFR2YjRHOEhzZHlIbmdMblRlMWs9Ig9zZXNzaW9uX2lkIiUxNjlhOWYzNjQxODE2N2NjN2FiNmYzY2VkYmU3OTgwYQ%3D%3D--022d7202178b2cc7bf968e558c2ae67ecef1fb74; path=/; HttpOnly

  Read the article

• How do I stack Plack authentication handlers?

  - by Schwern

  I would like to have my Plack app try several different means of authorizing the user. Specifically, check if the user is already authorized via a session cookie, then check for Digest authentication and then fall back to Basic. I figured I could just enable a bunch of Auth handlers in the order I wanted them to be checked (Session, Digest, Basic). Unfortunately, the way that Plack::Middleware::Auth::Digest and Plack::Middleware::Auth::Basic are written they both return 401 if digest or basic auth doesn't exist, respectively. How is this normally dealt with in Plack?

  Read the article

• Accessing php $_SESSION from python (wsgi) - is it possible?

  - by Bill Zimmerman

  Hi, I've got a python/WSGI app which needs to check to see if a user has logged on to a PHP web app. The problem is that the PHP app checks if a user has logged on by comparing a value in the $_SESSION variable to a value in the cookie from the user's browser. I would prefer to avoid changing the behavior of the php app if at all possible. My questions: Is there anyway I can access the session variables from within python? Where should I start to look? Are there any obvious security/performance issues I should be aware of when taking this approach?

  Read the article

• Free PHP framework/library for single-sign on / cross domain login

  - by Dennis Cheung

  I am looking for free (non GPL is better) SSO framework/library implementation or code samples. There are many kind of SSO implementation. Sharing cookie, sharing session, one time token, associative accounts, etc, etc. (BTW, any good article compare them?) Is there any keyword I should google and reuse before before I start to implement our own wheel. I know OpenID, but which is too much and it is not our need. We rather keep it KISS. We just want share the credentials of user that could save users from another login form.

  Read the article

• PHP Sessions Error

  - by Andrei Korchagin

  I'm new to PHP sessions and I've come across the following error: Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at somefile:someline). As well as this one: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent by (output started at somefile:someline). The session_start(); is the very first thing in all of my code. I'm not sure what the problem is. It gave me line numbers but all I do on those lines is start the session. Also - I have a portion of code whose POST action is another PHP page. How can I set a $_SESSION variable pertaining to this page within that action page?

  Read the article

• Connection: Keep-Alive and PHP sessions not working

  - by user366667

  We have a VB application that needs to run an specific flow on a PHP page. This application was correctly catching the PHPSESSID cookie and using it for all subsequent requests. However, PHP wasn't able to restore any changes made on $_SESSION variable. The variable was changed, saved, and on the next request it was restored as an empty array. We found out that changing the Connection header from "Keep-Alive" to "Close" fixed the issue. I couldn't find anything on the web saying that PHP sessions shouldn't be restored under Keep-Alive connections. Does anyone know why this was happening? PS: We didn't find anything weird or different on Apache, ModSecurity or PHP configuration settings.

  Read the article

• Way around ASP.NET session being shared across multiple tab windows

  - by ace

  I'm storing some value in an asp.net session on the first page. On the next page, this session value is being read. However if multiple tabs are opened and there are multiple page 1-page 2 navigation going on, the value stored in session gets mixed up since the session is shared between the browser tabs. I'm wondering what are the options around this : Query String: Passing value between the pages using query string, I don't want to take this approach since there can be multiple anchor tags on page 1 linking to page 2 and I can not rewrite the URLs of each tag since they are dynamic. Cookies??? In-memory cookies are shared across browser tabs too, same as the session cookie, rite ? Any other option?

  Read the article

• What frameworks should we consider for a custom web application?

  - by justkevin

  A client is looking for a custom web application, which will eventually include lots of interconnected components, but the main features are: Subscription based membership as well as virtual/digital product sales Members have their own public web cookie-cutter directories (e.g., storefronts, pages, etc.) and personal member admin area. Site administrators will need both common tools (member admin, password changes, etc.) and custom tools that can be readily developed or integrated with 3rd party solutions. What frameworks should we be looking at? PHP/MySQL is preferable unless something really outstanding is available in another stack.

  Read the article

• how to determine if forum has new posts

  - by Joan Silverstone

  Hey, i am coding a small php forum from scratch and would like to show readers what posts he hasnt read yet and what forum categories have unread posts since this visit, pretty much how phpbb or invision boards work. How do i approach this, cookies? phpbb doesnt seem to use cookies for this, not very a good idea do have a cookie for each post... maybe use css visited attribute? but i dont see how would that work if a new post pops up. Thanks.

  Read the article

• Linq to SQL - How to compare against a collection in the where clause?

  - by Sgraffite

  I'd like to compare against an IEnumerable collection in my where clause. Do I need to manually loop through the collection to pull out the column I want to compare against, or is there a generic way to handle this? I want something like this: public IEnumerable<Cookie> GetCookiesForUsers(IEnumerable<User> Users) { var cookies = from c in db.Cookies join uc in db.UserCookies on c.CookieID equals uc.CookieID join u in db.Users on uc.UserID equals u.UserID where u.UserID.Equals(Users.UserID) select c; return cookies.ToList(); } I'm used to using the lambda Linq to SQL syntax, but I decided to try the SQLesque syntax since I was using joins this time. What is a good way to do this?

  Read the article

• What is the purpose of this string argument in a JavaScript function?

  - by Adel

  In the following function, there is the line: var username=getCookie("username"); Here's the whole function: function checkCookie() { var username=getCookie("username"); if (username!=null && username!="") { alert("Welcome again " + username); } else { username=prompt("Please enter your name:",""); if (username!=null && username!="") { setCookie("username",username,365); } } What is the point of the "username" argument being passed above? function getCookie(c_name) { var i,x,y,ARRcookies=document.cookie.split(";"); for (i=0;i<ARRcookies.length;i++) { x=ARRcookies[i].substr(0,ARRcookies[i].indexOf("=")); y=ARRcookies[i].substr(ARRcookies[i].indexOf("=")+1); x=x.replace(/^\s+|\s+$/g,""); if (x==c_name) { return unescape(y); } } } The whole code is here Thanks!

  Read the article

< Previous Page | 50 51 52 53 54 55 56 57 58 59 60 61  | Next Page >