Search Results

Search found 60978 results on 2440 pages for 'web development'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 609/2440 | < Previous Page | 605 606 607 608 609 610 611 612 613 614 615 616  | Next Page >

  • Replay attacks for HTTPS requests

    - by MatthewMartin
    Let's say a security tester uses a proxy, say Fiddler, and records an HTTPS request using the administrator's credentials-- on replay of the entire request (including session and auth cookies) the security tester is able to succesfully (re)record transactions. The claim is that this is a sign of a CSRF vulnerability. What would a malicious user have to do to intercept the HTTPS request and replay it? It this a task for script kiddies, well funded military hacking teams or time-traveling-alien technology? Is it really so easy to record the SSL sessions of users and replay them before the tickets expire? No code in the application currently does anything interesting on HTTP GET, so AFAIK, tricking the admin into clicking a link or loading a image with a malicious URL isn't an issue.

    Read the article

  • case insensitive mapping for Spring MVC @RequestMapping annotations

    - by Zahid Riaz
    I have Controller having multiple @RequestMapping annotations in it. @Controller public class SignUpController { @RequestMapping("signup") public String showSignUp() throws Exception { return "somejsp"; } @RequestMapping("fullSignup") public String showFullSignUp() throws Exception { return "anotherjsp"; } @RequestMapping("signup/createAccount") public String createAccount() throws Exception { return "anyjsp"; } } How can I map these @RequestMapping to case insensitive. i.e. if I use "/fullsignup" or "/fullSignup" I should get "anotherjsp". But this is not happening right now. Only "/fullSignup" is working fine.

    Read the article

  • How to get the list of price offers on an item from Amazon with python-amazon-product-api item_looku

    - by miernik
    I am trying to write a function to get a list of offers (their prices) for an item based on the ASIN: def price_offers(asin): from amazonproduct import API, ResultPaginator, AWSError from config import AWS_KEY, SECRET_KEY api = API(AWS_KEY, SECRET_KEY, 'de') str_asin = str(asin) node = api.item_lookup(id=str_asin, ResponseGroup='Offers', Condition='All', MerchantId='All') for a in node: print a.Offer.OfferListing.Price.FormattedPrice I am reading http://docs.amazonwebservices.com/AWSECommerceService/latest/DG/index.html?ItemLookup.html and trying to make this work, but all the time it just says: Failure instance: Traceback: <type 'exceptions.AttributeError'>: no such child: {http://webservices.amazon.com/AWSECommerceService/2009-10-01}Offer

    Read the article

  • Password/Key protection

    - by user221919
    hi I am implementing paymentgateways and I need to protect its key and password for security reason. also some webservices keys and password in asp.net. Please help me to do as mention. waiting for your valuable thought. Thanking You.

    Read the article

  • Most performant ASP.NET web controls suite

    - by DotNetter
    Personally I've been working for years with Telerik's RadControls and DevExpress ASP.NET controls. IMHO they both produce quite a lot HTML overhead on the client side thus for that I've never been highly pleased with them. I also know about Infragistics, ComponentOne, ComponentArt, etc. How are these? I'd assume they are not much different than those I mentioned. Which (commercial) controls suite generates the most compact HTML on the client side? Do you have any recommendations?

    Read the article

  • Multiple CSS Classes: Properties Overlapping based on the order defined.

    - by Jian Lin
    Is there a rule in CSS that determines the cascading order when multiple classes are defined on an element? (class="one two" vs class="two one") Right now, there seems to be no such effect. Example: both divs are orange in color on Firefox <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <style> .one { border: 6px dashed green } .two { border: 6px dashed orange } </style> </head> <body> <div class="one two"> hello world </div> <div class="two one"> hello world </div>

    Read the article

  • C#/VB.Net Web Browser Control Replacement

    - by Lienau
    I've been working on a project that requires that I can go around webpages with different proxies, user-agents, and clear cookies. Now after looking all around the net, it looks like there are some solutions for each of these, but I can never get them working. I was wondering if there was a wrapper for this control that fixed all of these problems or even just a different control I could include. Thanks. Edit: I tried using HTTPWebRequest, it has everything I need -Javascript

    Read the article

  • Using a Session Scoped Bean

    - by jboyd
    The following code is returning null: private MyAppUser getMyAppUser(HttpSession session) { MyAppUser myAppUser = (MyAppUser) session.getAttribute("myAppUserManager"); return myAppUser; } Despite the fact that I have the following in my context: <bean id="myAppUserManager" class="com.myapp.profile.MyAppUser" scope="session"/> This doesn't make any sense to me, the "myAppUser" bean is a bean that absolutely can never be null, and I need to be able to reference it from controllers, I don't need it in services or repositories, just controllers, but it doesn't seem to be getting stored in the session, the use case is extremely simple, but I haven't been able to get to the bottom of what's wrong, or come up with a good workaround

    Read the article

  • Mobile web page size

    - by andreas
    Hey all! I have a developer designing a financial application to be used on a mobile phone via the phones browser. Now each page is 150kb wich to my opinion is way to large. No images are used as it is mostlyhtml buttons and css and possibly javscript. How can i minimise the page size?

    Read the article

  • AWS SES for bulk mail : Require email verification?

    - by weotch
    We're thinking of moving to Amazon's SES for sending bulk mail. It appears that we have a unique API call for each email we want to send. So if there are 20k emails to send, we make 20k API calls. My question is, do we need to verify these email addresses before we send to them? We have an existing database of users and I'd rather the transition to SES to be transparent to them. I noticed that SES has an API method for verifying emails. If we aren't required to verify, why would someone would use this method?

    Read the article

  • Event on HTML selection

    - by jldupont
    Is there an event for situations where something is selected on an HTML page like arbitrary text within a span element? Does such a thing exist or does one need to poll at regular interval & analyze the window.getSelection() ? I would like to trap this event type from within a browser extension (Chrome).

    Read the article

  • Strict doctype - form and input element

    - by David
    Does anyone know the reasoning behind the strict doctype not allowing input elements to be direct descendents of a form element. I find it annoying that i have to wrap a submit button which is a block level element inside another block level element say a fieldset or a div. However, I cannot find an answer anywhere as to why this actually is.

    Read the article

  • mvn deploy to AWS (ssh via distributionManagement)

    - by Dexter
    I am working on deploying the WAR file to AWS using Maven. I am planning to use 'mvn deploy' for the same which would ssh the war file to AWS. I am following http://maven.apache.org/plugins/maven-deploy-plugin/examples/deploy-ssh-external.html. This is my POM file <project> ... <distributionManagement> <repository> <id>ssh-aws</id> <url>scpexe://<ec2 instance>.compute-1.amazonaws.com</url> </repository> </distributionManagement> <build> <extensions> <!-- Enabling the use of FTP --> <extension> <groupId>org.apache.maven.wagon</groupId> <artifactId>wagon-ssh-external</artifactId> <version>1.0-beta-6</version> </extension> </extensions> </build> .. </project> This is my settings.xml <server> <id>ssh-aws</id> <username>aws-user</username> </server> The only issue is that I am unable to figure out the url in distributionManagement node of pom.xml. I am able to ssh in the AWS server by the following. ssh -i ~/pemfile/pemfile-key.pem aws-user@<ec2 instance>.compute-1.amazonaws.com But when I run mvn clean deploy, I receive this.. Exit code: 1 - Permission denied (publickey). -> [Help 1] Thanks in advance.

    Read the article

  • service repository.

    - by SteveCav
    hundreds of our clients around the country have a vb6/MS Access app. The boss needs them to talk to each other, eg client A creates a new task in client B's database, and status updates go back to A. I'm trying to design a WCF system that can accomplish this using a centralized service talking to a service of some kind installed on each client. What I'm wondering is, how the central system knows the address of the clients, ie determine and consume services on the fly? What's a good architecture to fit these requirements?

    Read the article

  • Web pages show empty band across the top

    - by Gerry
    In Chrome, site http://www.helpinghandspeople.com has a 16px empty band (background colour shows) across the top of the page. It's not supposed to be there, but I can't figure out how to make it go away. In Firefox, the home page shows fine, but login and a few other pages show a 24px band. Viewing source and running inspect element are not helpful. Does anyone have a suggestion where to look? Thanks Gerry

    Read the article

  • ASP.NET MVC WAP, SharePoint Designer and SVN

    - by David Lively
    All, I'm starting a new ASP.NET MVC project which requires some content management capabilities. The people who will be managing the content prefer to use SharePoint Designer (successor to FrontPage) to modify content. I'd like to allow them to keep doing that. The issues are: Since I'd like this to be a WAP, not a website project, how can I allow them to see their changes in action without requiring them to have Visual Studio on their local machines? Can I specify a "default" action for a controller so that given a url like /products/new_view_here Can I let them save pages (views) and see them in the browser without having to go through the check-in/build/deploy process? I'd like their changes to be stored in SVN; SharePoint designer seems to only support Visual SourceSafe (ugh) directly. The ideas I've come up with so far are Write an HTTP handler that implements the FrontPage Server Extensions protocol. This sounds time consuming, but I haven't yet looked at the protocol spec. However, it would allow me to perform whatever operations I want on the server side, including checking files into SVN. Ditch the WAP in favor of a website project. I do not like having the source present on the server, however. Also, will MVC work in a website project? Surely someone has tackled this problem before?

    Read the article

  • How to use ASP.NET Authorization Yet Permit Access to .css Files?

    - by Chaitanya
    <authentication mode="Forms"> <forms loginUrl="Login.aspx"/> </authentication> <authorization> <deny users="?"/> </authorization> I am using forms authentication, and when i place the arguments cited above, the css formatting I have done for the whole document is not being implemented, it's vanishing. what should i be doing so that the CSS remains intact.

    Read the article

  • Wordpress Site: Can't logout or post comment

    - by Chloé
    I need help with my site http://VelvetArt.net. I can´t logout, post a comment, and when i put index.php after site adress, is does not work too, it just displays white screen. I have this theme also on my test site http://velvetart.lnb.sk. All working here, logout, index, comments.. Maybe the problem may be with wordpress default files (index.php, wp-blog-header.php, wp-comments-post.php) but i don't know how to solve this issue. Can anyone help me with this please?

    Read the article

  • Only the last run in a for loop in Javascript works

    - by Mengfei Murphy
    Here is a for loop written by Javascript. It is trying to apply queries for websql. for (var i = 0; i < 10; i++){ db.transaction(function (tx){ tx.executeSql('INSERT INTO ProjSetsT (ProjID) VALUES (?);', [i]); }); } The attempt is obvious, I tried to add values "0, 1, 2, ... 9" into column ProjID in table ProjSetsT. It does not work. I only got the last element, i.e. "9" inserted, but not the first eight numbers. Is there any syntax mistakes?

    Read the article

  • Should I be worried about a ReDOS attack?

    - by PeeHaa
    Can the following code be use to ReDOS attack my site? Or will it just be ended when the max_execution_time is exceeded or is it a problem of the past? I use the following code to validate emailaddresses on my sites (by Douglas Lovell): function validate_email($email) { $isValid = true; $atIndex = strrpos($email, "@"); if (is_bool($atIndex) && !$atIndex) { $isValid = false; } else { $domain = substr($email, $atIndex+1); $local = substr($email, 0, $atIndex); $localLen = strlen($local); $domainLen = strlen($domain); if ($localLen < 1 || $localLen > 64) { // local part length exceeded $isValid = false; } else if ($domainLen < 1 || $domainLen > 255) { // domain part length exceeded $isValid = false; } else if ($local[0] == '.' || $local[$localLen-1] == '.') { // local part starts or ends with '.' $isValid = false; } else if (preg_match('/\\.\\./', $local)) { // local part has two consecutive dots $isValid = false; } else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { // character not valid in domain part $isValid = false; } else if (preg_match('/\\.\\./', $domain)) { // domain part has two consecutive dots $isValid = false; } else if(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless // local part is quoted if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local))) { $isValid = false; } } if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { // domain not found in DNS $isValid = false; } } return $isValid; }

    Read the article

  • Execute a Application On The Server Using JavaScript

    - by Nathan Campos
    I have an application on my server that is called leaf.exe, that haves two arguments needed to run, they are: inputfile and outputfile, that will be like this example: pnote.exe input.pnt output.txt They are all on the same directory as my home page file(the executable and the input file). But I need that a JavaScript could run the application like that, then I want to know how could I do this.

    Read the article

  • How to name multiple versioned ServiceContracts in the same WCF service?

    - by Tor Hovland
    When you have to introduce a breaking change in a ServiceContract, a best practice is to keep the old one and create a new one, and use some version identifier in the namespace. If I understand this correctly, I should be able to do the following: [ServiceContract(Namespace = "http://foo.com/2010/01/14")] public interface IVersionedService { [OperationContract] string WriteGreeting(Person person); } [ServiceContract(Name = "IVersionedService", Namespace = "http://foo.com/2010/02/21")] public interface IVersionedService2 { [OperationContract(Name = "WriteGreeting")] Greeting WriteGreeting2(Person2 person); } With this I can create a service that supports both versions. This actually works, and it looks fine when testing from soapUI. However, when I create a client in Visual Studio using "Add Service Reference", VS disregards the namespaces and simply sees two interfaces with the same name. In order to differentiate them, VS adds "1" to the name of one of them. I end up with proxies called ServiceReference.VersionedServiceClient and ServiceReference.VersionedService1Client Now it's not easy for anybody to see which is the newer version. Should I give the interfaces different names? E.g IVersionedService1 IVersionedService2 or IVersionedService/2010/01/14 IVersionedService/2010/02/21 Doesn't this defeat the purpose of the namespace? Should I put them in different service classes and get a unique URL for each version?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 605 606 607 608 609 610 611 612 613 614 615 616  | Next Page >