iframe implementation - Logic Group 3D secure
- by NoOne
I'm about to implement 3D secure with "The Logic Group". Can someone please provide brief idea on how to use iframe with examples?
Search Results
Search found 8253 results on 331 pages for 'secure coding'.
Page 6/331 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13 | Next Page >
-
-
Secure php code for copyright
- by cosy
I have an eCommerce platform, and i wand to secure it. How can it be possible ? I don't want to somebody copy my code. Like a license for 1 year with a code for activation. Or somethings like this. Sorry my English, thanks a lot!Read the article
-
Secure Government Series Part 3
- by Naresh Persaud
Secure Government Training SeriesSafeguarding Government CyberspaceClick here, to register for the live webcast. Cybersecurity threats represent one of the most serious national security, public safety, and economic challenges. While technologies empower government to lead and innovate, they also enable those who seek to disrupt and destroy progress. Cloud computing, mobile devices and social networks help government reduce costs and streamline service delivery, but also introduce heightened security vulnerabilities. How can government organizations keep pace with heightened service delivery demands and advancements in technology without compromising security? Join us November 28th for a webcast as part of the “Secure Government Training Series” to learn about a security portfolio that helps organizations mitigate cyber attacks by providing Full-spectrum cybersecurity capabilities that harden the data tier, lock down sensitive information, and provide access controls and visibility for frequently targeted systems.Gain insights to an integrated security framework and overall strategy for preventing attacks that will help your organization: Deploy resilient IT infrastructure Catalog and classify sensitive and mission-critical data Secure the enterprise data tier and lock down trusted insider privileges at all levels Automate and centralize enterprise auditing Enable automated alerting and situational awareness of security threats and incidents For more information, access the Secure Government Resource Center or to speak with an Oracle representative, please call1.800.ORACLE1. LIVE Webcast Safeguarding Government Cyberspace Date: Wednesday, November 28th, 2012 Time: 2:00 p.m. ET Visit the Secure Government Resource CenterClick here for information on enterprise security solutions that help government safeguard information, resources and networks. ACCESS NOW Copyright © 2012, Oracle. All rights reserved. Contact Us | Legal Notices | Privacy StatementRead the article
-
All Secure: "Keeping Current with Standards"
Oracle expertise in secure development practice is certified.Read the article
-
Who likes #regions in Visual Studio?
- by Nicholas
Personally I can't stand region tags, but clearly they have wide spread appeal for organizing code, so I want to test the temperature of the water for other MS developer's take on this idea. My personal feeling is that any sort of silly trick to simplify code only acts to encourage terrible coding behavior, like lack of cohesion, unclear intention and poor or incomplete coding standards. One programmer told me that code regions helped encourage coding standards by making it clear where another programmer should put his or her contributions. But, to be blunt, this sounds like a load of horse manure to me. If you have a standard, it is the programmer's job to understand what that standard is... you should't need to define it in every single class file. And, nothing is more annoying than having all of your code collapsed when you open a file. I know that cntrl + M, L will open everything up, but then you have the hideous "hash region definition" open and closing lines to read. They're just irritating. My most stead fast coding philosophy is that all programmer should strive to create clear, concise and cohesive code. Region tags just serve to create noise and redundant intentions. Region tags would be moot in a well thought out and intentioned class. The only place they seem to make sense to me, is in automatically generated code, because you should never have to read that outside of personal curiosity.Read the article
-
Which coding style is more common?
- by Babiker
In no way shape or form am i advertising/promoting my programming style, but as far as 'multiple variable declarations' are concerned, which case is more acceptable professionally and commonly: case 1: private $databaseURL = "localhost" ; private $databaseUName = "root" ; private $databasePWord = "" ; private $databaseName = "AirAlliance"; case 2: private $databaseURL = "localhost"; private $databaseUName = "root"; private $databasePWord = ""; private $databaseName = "AirAlliance"; The reason i like case 1 is because i can skim though it and see that all is correct way faster than case 2. Also i can visually get familiar with variable names witch makes it faster to work with them l latter on the program.Read the article
-
Oracle Coding Standards Feature Implementation
- by Mike Hofer
Okay, I have reached a sort of an impasse. In my open source project, a .NET-based Oracle database browser, I've implemented a bunch of refactoring tools. So far, so good. The one feature I was really hoping to implement was a big "Global Reformat" that would make the code (scripts, functions, procedures, packages, views, etc.) standards compliant. (I've always been saddened by the lack of decent SQL refactoring tools, and wanted to do something about it.) Unfortunatey, I am discovering, much to my chagrin, that there doesn't seem to be any one widely-used or even "generally accepted" standard for PL-SQL. That kind of puts a crimp on my implementation plans. My search has been fairly exhaustive. I've found lots of conflicting documents, threads and articles and the opinions are fairly diverse. (Comma placement, of all things, seems to generate quite a bit of debate.) So I'm faced with a couple of options: Add a feature that lets the user customize the standard and then reformat the code according to that standard. —OR— Add a feature that lets the user customize the standard and simply generate a violations list like StyleCop does, leaving the SQL untouched. In my mind, the first option saves the end-users a lot of work, but runs the risk of modifying SQL in potentially unwanted ways. The second option runs the risk of generating lots of warnings and doing no work whatsoever. (It'd just be generally annoying.) In either scenario, I still have no standard to go by. What I'd need to know from you guys is kind of poll-ish, but kind of not. If you were going to use a tool of this nature, what parts of your SQL code would you want it to warn you about or fix? Again, I'm just at a loss due to a lack of a cohesive standard. And given that there isn't anything out there that's officially published by Oracle, I think this is something the community could weigh in on. Also, given the way that voting works on SO, the votes would help to establish the popularity of a given "refactoring." P.S. The engine parses SQL into an expression tree so it can robustly analyze the SQL and reformat it. There should be quite a bit that we can do to correct the format of the SQL. But I am thinking that for the first release of the thing, layout is the primary concern. Though it is worth noting that the thing already has refactorings for converting keywords to upper case, and identifiers to lower case.Read the article
-
Objective PHP and key value coding
- by Lukasz
Hi Guys. In some part of my code I need something like this: $product_type = $product->type; $price_field = 'field_'.$product_type.'_price'; $price = $product->$$price_field; In other words I need kind of KVC - means get object field by field name produced at the runtime. I simply need to extend some existing system and keep field naming convention so do not advice me to change field names instead. I know something like this works for arrays, when you could easily do that by: $price = $product[$price_field_key]. So I can produce key for array dynamically. But how to do that for objects? Please help me as google gives me river of results for arrays, etc... Thank youRead the article
-
Coding Conventions - Naming Enums
- by Walter White
Hi all, Is there a document describing how to name enumerations? My preference is that an enum is a type. So, for instance, you have an enum Fruit{Apple,Orange,Banana,Pear, ... } NetworkConnectionType{LAN,Data_3g,Data_4g, ... } I am opposed to naming it: FruitEnum NetworkConnectionTypeEnum I understand it is easy to pick off which files are enums, but then you would also have: NetworkConnectionClass FruitClass Also, is there a good document describing the same for constants, where to declare them, etc.? WalterRead the article
-
In Java it seems Public constructors are always a bad coding practice
- by Adam Gent
This maybe a controversial question and may not be suited for this forum (so I will not be insulted if you choose to close this question). It seems given the current capabilities of Java there is no reason to make constructors public ... ever. Friendly, private, protected are OK but public no. It seems that its almost always a better idea to provide a public static method for creating objects. Every Java Bean serialization technology (JAXB, Jackson, Spring etc...) can call a protected or private no-arg constructor. My questions are: I have never seen this practice decreed or written down anywhere? Maybe Bloch mentions it but I don't own is book. Is there a use case other than perhaps not being super DRY that I missed? EDIT: I explain why static methods are better. .1. For one you get better type inference. For example See Guava's http://code.google.com/p/guava-libraries/wiki/CollectionUtilitiesExplained .2. As a designer of the class you can later change what is returned with a static method. .3. Dealing with constructor inheritance is painful especially if you have to pre-calculate something.Read the article
-
Huffman coding two characters as one
- by Adomas
Hi, I need huffman code(best in python or in java), which could encode text not by one character (a = 10, b = 11), but by two (ab = 11, ag = 10). Is it possible and if yes, where could i find it, maybe it's somewhere in the internet and i just can'd find it?Read the article
-
Secure ajax form POST
- by user194630
I was wondering how to develop a secure form post through AJAX. For example, i have: My HTML form. My JavaScript handling the submit. The submit url is "post_data.php" The posted data is: id=8&name=Denis The PHP verifies if variables id and name are POSTED and their data type. If this is ok it proceed to do some stuff on a database. My question is, how can i prevent someone from creating his own html form, outside my web site, or whatever, and posting false data to my PHP script? Imagine that data realy exists on my database, this could be bad. ThanksRead the article
-
on coding style
- by user12607414
I vastly prefer coding to discussing coding style, just as I would prefer to write poetry instead of talking about how it should be written. Sometimes the topic cannot be put off, either because some individual coder is messing up a shared code base and needs to be corrected, or (worse) because some officious soul has decided, "what we really need around here are some strongly enforced style rules!" Neither is the case at the moment, and yet I will venture a post on the subject. The following are not rules, but suggested etiquette. The idea is to allow a coherent style of coding to flourish safely and sanely, as a humane, inductive, social process. Maxim M1: Observe, respect, and imitate the largest-scale precedents available. (Preserve styles of whitespace, capitalization, punctuation, abbreviation, name choice, code block size, factorization, type of comments, class organization, file naming, etc., etc., etc.) Maxim M2: Don't add weight to small-scale variations. (Realize that Maxim M1 has been broken many times, but don't take that as license to create further irregularities.) Maxim M3: Listen to and rely on your reviewers to help you perceive your own coding quirks. (When you review, help the coder do this.) Maxim M4: When you touch some code, try to leave it more readable than you found it. (When you review such changes, thank the coder for the cleanup. When you plan changes, plan for cleanups.) On the Hotspot project, which is almost 1.5 decades old, we have often practiced and benefited from such etiquette. The process is, and should be, inductive, not prescriptive. An ounce of neighborliness is better than a pound of police-work. Reality check: If you actually look at (or live in) the Hotspot code base, you will find we have accumulated many annoying irregularities in our source base. I suppose this is the normal condition of a lived-in space. Unless you want to spend all your time polishing and tidying, you can't live without some smudge and clutter, can you? Final digression: Grammars and dictionaries and other prescriptive rule books are sometimes useful, but we humans learn and maintain our language by example not grammar. The same applies to style rules. Actually, I think the process of maintaining a clean and pleasant working code base is an instance of a community maintaining its common linguistic identity. BTW, I've been reading and listening to John McWhorter lately with great pleasure. (If you end with a digression, is it a tail-digression?)Read the article
-
secure rest API for running user "apps" in an iframe
- by Brian Armstrong
I want to let users create "apps" (like Facebook apps) for my website, and I'm trying to figure out the best way to make it secure. I have a REST api i want to run the user apps in an iframe on my own site (not a safe markup language like FBML) I was first looking at oAuth but this seems overkill for my solution. The "apps" don't need to be run on external sites or in desktop apps or anything. The user would stay on my site at all times but see the user submitted "app" through the iframe. So when I call the app the first time through the iframe, I can pass it some variables so it knows which logged in user is using it on my site. It can then use this user session in it's own API calls to customize the display. If the call is passed in the clear, I don't want someone to be able to intercept the session and impersonate the user. Does anyone know a good way to do this or good write up on it? Thanks!Read the article
-
I can't program because the code I am using uses old coding styles. Is this normal to programmers? [closed]
- by Renato Dinhani Conceição
I'm in my first real job as programmer, but I can't solve any problems because of the coding style used. The code here: Does not have comments Does not have functions (50, 100, 200, 300 or more lines executed in sequence) Uses a lot of if statements with a lot of paths Has variables that make no sense (eg.: cf_cfop, CF_Natop, lnom, r_procod) Uses an old language (Visual FoxPro 8 from 2002), but there are new releases from 2007. I feel like I have gone back to 1970. Is it normal for a programmer familiar with OOP, clean-code, design patterns, etc. to have trouble with coding in this old-fashion way? EDIT: All the answers are very good. For my (un)hope, appears that there are a lot of this kind of code bases around the world. A point mentioned to all answers is refactor the code. Yeah, I really like to do it. In my personal project, I always do this, but... I can't refactor the code. Programmers are only allowed to change the files in the task that they are designed for. Every change in old code must be keep commented in the code (even with Subversion as version control), plus meta informations (date, programmer, task) related to that change (this became a mess, there are code with 3 used lines and 50 old lines commented). I'm thinking that is not only a code problem, but a management of software development problem.Read the article
-
Good Secure Backups Developers at Home
- by slashmais
What is a good, secure, method to do backups, for programmers who do research & development at home and cannot afford to lose any work? Conditions: The backups must ALWAYS be within reasonably easy reach. Internet connection cannot be guaranteed to be always available. The solution must be either FREE or priced within reason, and subject to 2 above. Status Report This is for now only considering free options. The following open-source projects are suggested in the answers (here & elsewhere): BackupPC is a high-performance, enterprise-grade system for backing up Linux, WinXX and MacOSX PCs and laptops to a server's disk. Storebackup is a backup utility that stores files on other disks. mybackware: These scripts were developed to create SQL dump files for basic disaster recovery of small MySQL installations. Bacula is [...] to manage backup, recovery, and verification of computer data across a network of computers of different kinds. In technical terms, it is a network based backup program. AutoDL 2 and Sec-Bk: AutoDL 2 is a scalable transport independant automated file transfer system. It is suitable for uploading files from a staging server to every server on a production server farm [...] Sec-Bk is a set of simple utilities to securely back up files to a remote location, even a public storage location. rsnapshot is a filesystem snapshot utility for making backups of local and remote systems. rbme: Using rsync for backups [...] you get perpetual incremental backups that appear as full backups (for each day) and thus allow easy restore or further copying to tape etc. Duplicity backs directories by producing encrypted tar-format volumes and uploading them to a remote or local file server. [...] uses librsync, [for] incremental archives Other Possibilities: Using a Distributed Version Control System (DVCS) such as Git(/Easy Git), Bazaar, Mercurial answers the need to have the backup available locally. Use free online storage space as a remote backup, e.g.: compress your work/backup directory and mail it to your gmail account. Strategies See crazyscot's answerRead the article
-
What is the best aproach for coding in a slow compilation environment
- by Andrew
I used to coding in C# in a TDD style - write/or change a small chunk of code, re-compile in 10 seconds the whole solution, re-run the tests and again. Easy... That development methodology worked very well for me for a few years, until a last year when I had to go back to C++ coding and it really feels that my productivity has dramatically decreased since. The C++ as a language is not a problem - I had quite a lot fo C++ dev experience... but in the past. My productivity is still OK for a small projects, but it gets worse when with the increase of the project size and once compilation time hits 10+ minutes it gets really bad. And if I find the error I have to start compilation again, etc. That is just purely frustrating. Thus I concluded that in a small chunks (as before) is not acceptable - any recommendations how can I get myself into the old gone habit of coding for an hour or so, when reviewing the code manually (without relying on a fast C# compiler), and only recompiling/re-running unit tests once in a couple of hours. With a C# and TDD it was very easy to write a code in a evolutionary way - after a dozen of iterations whatever crap I started with was ending up in a good code, but it just does not work for me anymore (in a slow compilation environment). Would really appreciate your inputs and recos. p.s. not sure how to tag the question - anyone is welcome to re-tag the question appropriately. Cheers.Read the article
-
Most effective work habit for coding? [on hold]
- by Cris
Working on a big solo project (~15,000 LOC), I am encountering the following phenomenon: I seem to work best when I program in short bursts of 10-15 minutes. Right now I am working on a section which is a complete first time for me architecturally and if I have any architectural issues that emerge when doing the implementation, I seem to be able to best serve these by taking a total break. Then, later, sketching out the ideas on some paper. And when I feel I have sufficient clarity, then going back to code. This iterates until that architectural issue for that section is resolved. This seems quite counter intuitive: that I can progress more quickly by coding less, and taking more breaks. I am nearing the end of the sections which are "first times" for me, and about to dive into stuff which I am much more familiar and am wondering if this counter intuitive efficiency will continue. So my question is: even for regular coding of sections one is familiar with, which don't require constant re-clarification of the best architecture, is more progress to be attained by taking more breaks and coding in bursts?Read the article
-
Stop UAC/Secure Desktop from dimming the screen
- by Florian
I like the concepts of UAC and the "Secure Desktop" in Windows 7, but I don't like the dimming of the Secure Desktop to prompt for Admin credentials (or OK button to get clicked). However, dimming goes so far that my monitor regularly goes into PowerSaver mode, which is annoying (as it takes another 10 seconds for it to wake up), and might harm the monitor: two weeks after switching from XP to Windows 7, my 30" monitor stayed black and it had to get replaced. The web is full of tips how to turn off dimming, but that will always also turn off the "Secure Desktop". Is there a way to present the Secure Desktop without dimming? Or with a different visual effect to show that it is the Secure Desktop? EDIT: To clarify, I'm not looking for a way to disable dimming by disabling Secure Desktop (as is done by lowering the UAC level). I want to keep both UAC and Secure Desktop.Read the article
-
Faster, secure, protocol/code required for long-distance transfer.
- by Chopper3
I've ran into a problem and I'm looking for a new secure protocol/client/server that's faster over a 1Gb/s fibre link - let me tell you the story... I have a pair of redundant, diversely-routed, 1Gb/s links over a distance of around 250 miles or so (not dark fibre but a dedicated point to point link, not a mesh). At the 'client' end I have a HP DL380 G5 (2 x dual-core 2.66Ghz Xeon's, 4GB, Windows 2003EE 32-bit), at the 'server' end I have a HP BL460c G6 (2 x quad-core 2.53Ghz Xeons, 48GB, Oracle Linux 5.3 64-bit). I need to transfer around 500 x 2GB files per week from the client to the server machines per week - but the transfer NEEDS to be secure. Using both iPerf or regular FTP I can get ~80MB/s of transfer pretty consistently, which is great. Using WinSCP or Windows SFTP I can't seem to get more that ~3-4MB/s, at this point the server's CPU is 3% busy while CPU0 of the client goes to ~30% utilised. We've tried editing various TCP window sizes with little success. Both ends are connected to quite low-usage Cisco Cat6509's with Sup720's. I can replace the client machine with a newer machine and/or move it to Linux - but this will take time. Clearly these single-threaded secure Windows clients are introducing too much latency doing their encryption. So a few questions/thoughts; Are there any higher performing secure protocols or client software for Windows that I could try? I'm pretty protocol-gnostic so long as it'll work between Windows and Linux. Should I be using hardware to do the encryption, either in the client or the network parts? If so what would you recommend? I'm not convinced that just swapping the server would be that much faster, the CPU was only at 30% but then again that's higher than I'd have expected given the load - moving to Linux at the client end may be a better idea but would be quite disruptive. Am I missing a trick? Thanks in advance.Read the article
-
Secure Delete PCI-DSS Windows Environment
- by Brennan Mann
Hello, I have been reviewing a number of applications for securing deleting files. I understand the concepts of overwriting the file several times with zeros and random characters; however, I don't understand the concept of renaming the file up to thirty times before actually deleting the file. Any feedback would greatly be appreciated. I am currently working on a PCI DSS project. URL - SDELETE by Sysinternals http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx Thanks, BrennanRead the article
-
why those chinese indent code so differently?
- by winston
currently i am working with some programmer from shanghai i notice they have some coding indentation like these: if(1==1 && 2==2) { a = 3; } else { b = 4; } however i am accustomed to: if (1==1 && 2==2) { a = 3; } else { b = 4; } what do you think? how could i get rid of different coding styles within a single program file?Read the article
-
How to secure an API written in .Net
- by The Diamond Z
This is a variation on an existing question in SO about securing/obfuscating .Net applications in general. I'm developing an API in C# that includes some algorithms I'm keen to protect. I understand no method will be perfect, but what's the generally accepted method for doing this? I'd like my clients to be able to code against the API but I don't want them to reverse engineer what's inside (at least I don't want to make it easy for them). If I obfuscate the code, won't that also obfuscate the API? We're looking at smartAssembly any thoughts comments on the product would be appreciated.Read the article
-
Zen Coding and the Art of Rapid HTML Authoring
The powerful new Zen Coding IDE plugin allows developers to write HTML with blazing speed.Read the article
-
HTML coding style: attribute starts on a new line
- by Matty
sublvl's front end developer seems to have a strange coding style that I've never seen before. Every time they begin a new element, immediately after the element name they insert a line break. The first thing that appears on the next line is the first attribute of the element. For example: id="player-container"><div id="player-bar"><div id="player-controls-wrapper"><div id="player-controls"><div id ="player-controls-buttons"> <a The above code was found here. I've never seen this kind of coding style before. What's going on here? Is this just a quirky style or is there some reasoning behind it?Read the article
