Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 616/886 | < Previous Page | 612 613 614 615 616 617 618 619 620 621 622 623 | Next Page >

CakePHP session sharing between two apps, on the same domain

- by Amit Yadav

I am having two cakephp application working on the same domain. I access them like localhost:8080/wishlist & localhost:8080/lighthouse The wishlist is a separate cakePHP application and the lighthouse is a separate CakePHP application. The login page is at localhost:8080/lighthouse, now i want the session generated by the lighthouse application to be used in the wishlist application. The directory structure is /htdocs /wishlist /app /config .... /lighthouse /app /config .... I have edited the core.php file for both the application. I am using the same session cookie name and the same security sale but i am not able to get the session on the wishlist application. Can some one let me know how can i share session in between my two application.

Read the article
nginx - redirection doesn't work as expected

- by Luis

I have a domain listening on both http and https. I want to redirect all the traffic to https except for two specific locations. It works, but only for mydomain.com, not for www.mydomain.com. Here the config: upstream mydomain_rails { server unix:/home/deploy/mydomain/shared/pids/unicorn.sock; } # blog.mydomain.com server { listen 80; server_name blog.mydomain.com; rewrite ^ http://www.mydomain.com/de/blog permanent; } # blog.mydomain.com.br server { listen 80; server_name blog.mydomain.com.br; rewrite ^ http://www.mydomain.com/br/blog permanent; } # www.mydomain.de server { listen 80; server_name mydomain.de www.mydomain.de; rewrite ^ https://www.mydomain.com/de permanent; } # www.mydomain.com.br server { listen 80; server_name mydomain.com.br www.mydomain.com.br; rewrite ^ https://www.mydomain.com/br permanent; } server { listen 80; server_name mydomain.com; rewrite ^ http://www.mydomain.com$request_uri permanent; } ## www.mydomain.com ## Redirect http to https, keep blogs on plain http server { listen 80; server_name www.mydomain.com; location / { # if ($host ~* ^(www\.mydomain\.com)$ ) { rewrite ^/(.*)$ https://www.mydomain.com/$1 permanent; # } # return 444; } # Matches any request starting with '/br/blog' and proxies to the upstream blog instance location ~* /br/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/br/blog$ /; rewrite ^/br/blog/(.*)$ /$1; proxy_pass http://mydomain_blog_br; break; } } # Matches any request starting with '/de/blog' and proxies to the upstream blog instance location ~* /de/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/de/blog$ /; rewrite ^/de/blog/(.*)$ /$1; proxy_pass http://mydomain_blog; break; } } } # www.mydomain.com server { add_header Cache-Control "public, must-revalidate"; server_name mydomain.com www.mydomain.com; listen 443; ssl on; ssl_certificate /etc/ssl/mydomain.com/sslchain.crt; ssl_certificate_key /etc/ssl/mydomain.com/privatekey.key; ## Strict Transport Security (ForceHTTPS), max-age 30d add_header Strict-Transport-Security "max-age=2592000; includeSubdomains"; ## Due SSL encryption, rather to increase the keepalive requests and timeout keepalive_requests 10; keepalive_timeout 60 60; root /home/deploy/mydomain/current/public/; error_log /home/deploy/mydomain/shared/log/nginx.error.log info; access_log /home/deploy/mydomain/shared/log/nginx.access.log main; ## Redirect from non-www to www if ($host = 'mydomain.com' ) { rewrite ^/(.*)$ https://www.mydomain.com/$1 permanent; } ## Caching images for 3 months location ~* \.(ico|css|js|gif|jpe?g|png)\?[0-9]+$ { expires 30d; break; } ## Deny illegal Host headers if ($host !~* ^(mydomain.com|www.mydomain.com)$ ) { return 444; } ## Deny certain User-Agents (case insensitive) if ($http_user_agent ~* (Baiduspider|webalta|Wget|WordPress|youdao|jakarta) ) { return 444; } ## Deny certain Referers (case insensitive) if ($http_referer ~* (dating|diamond|forsale|girl|jewelry|nudit|poker|porn|poweroversoftware|sex|teen|webcam|zippo|zongdo) ) { return 444; } ## Enable maintenance page. The page is copied in during capistrano deployment set $maintenance 0; if (-f $document_root/index.html) { set $maintenance 1; } if ($request_uri ~* (jpg|jpeg|gif|png|js|css)$) { set $maintenance 0; } if ($maintenance) { rewrite ^(.*)$ /index.html last; break; } location /uk { auth_basic "Restricted"; auth_basic_user_file /etc/nginx/htpasswd; root /home/deploy/mydomain/current/public/; try_files $uri @fallback; } # Matches any request starting with '/br/blog' and proxies to the upstream blog instance location ^~ /br/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/br/blog$ /; rewrite ^/br/blog/(.*)$ /$1; proxy_pass http://mydomain_blog_br; break; } } # Matches any request starting with '/de/blog' and proxies to the upstream blog instance location ^~ /de/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/de/blog$ /; rewrite ^/de/blog/(.*)$ /$1; proxy_pass http://mydomain_blog; break; }} # Matches any request starting with '/lp' and proxies to the upstream blog instance location /lp { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; rewrite ^/lp(/?.*)$ /$1; proxy_pass http://mydomain_landingpage; break; } #Matches any request, and looks for static files before reverse proxying to the upstream app server socket location / { root /home/deploy/mydomain/current/public/; try_files $uri @fallback; } # Called after the above pattern, if no static file is found location @fallback { proxy_set_header X-Sendfile-Type X-Accel-Redirect; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://mydomain_rails; } ## All other errors get the generic error page error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /500.html; location /500.html { root /home/deploy/mydomain/current/public/; } } I defined the blog upstream. As said, it works properly for mydomain.com, but not for www.mydomain.com. Any idea?

Read the article
nested for loop

- by Gary

Hello, Just learning Python and trying to do a nested for loop. What I'd like to do in the end is place a bunch of email addresses in a file and have this script find the info, like the sending IP of mail ID. For now i'm testing it on my /var/log/auth.log file Here is my code so far: #!/usr/bin/python # this section puts emails from file(SpamEmail) in to a array(array) in_file = open("testFile", "r") array = in_file.readlines() in_file.close() # this section opens and reads the target file, in this case 'auth.log' log = open("/var/log/auth.log", "r") auth = log.readlines() for email in array: print "Searching for " +email, for line in auth: if line.find(email) > -1: about = line.split() print about[0], print Inside 'testfile' I have the word 'disconnect' cause I know it's in the auth.log file. It just doesn't find the word 'disconnect'. In the line of "if line.find(email) -1:" i can replace email and put "disconnect" the scripts finds it fine. Any idea? Thanks in advance. Gary

Read the article
Refernce platform specific System.Data.SQLite

- by Dmitriy Nagirnyak

Hi, I am using SQLite for the unit testing and might use it as a database for local development/staging. The System.Data.SQLite has basically 2 versions: x86 and x64. Correct one should be used for the specific platform. I have 64 bit Win7, other guys in the team might use 32-bit OSs. The server's platform is not known at this stage. If I use 32-bit version of the assembly on 64-bit platform I get BadImageFormatException: Could not load file or assembly 'System.Data.SQLite'. I believe similar will happen trying to use 64-bit assembly on 32-bit platform. So my question is what is the best way to reference the SQLite assembly so that it does not depend on the platform and people can just use it? It is ok to use 32-bit version of assembly on a 64-bit platform (Maybe there is a switch for that somewhere?). Thanks, Dmitriy.

Read the article
Why does ASP.Net locks when I update code with TortoiseSVN

- by Malartre

Hi, when I update Adobe Flash/Flex code that is not related to ASP.Net with TortoiseSVN (latest) on a Windows Server 2008, the complete website locks and stop responding. Is it ASP.Net recompiling my code, is it IIS 7 or is it Tortoise locking the file system? How can I prevent or minimize this if I need to do an update when 1000 users are using the ASP.Net website? UPDATE: Thanks to Aito and Bryan, I learned more about AppDomain. I found these two links where I discover that folder creation/deletion recycle the AppDomain in ASP.Net 2. --If TortoiseSVN creates folders in it's hidden .svn folders hierarchy, I guess it will lock the app! ASP.NET v2.0 - AppDomain recycles, more common than before http://weblogs.asp.net/owscott/archive/2006/02/21/ASP.NET-v2.0-2D00-AppDomain-recycles_2C00_-more-common-than-before.aspx FIX: ASP.NET 2.0-connected applications on a Web site may appear to stop responding http://support.microsoft.com/kb/911272 I'm testing this. Carl

Read the article
How do I use the iPhone Simulator in 3.2 (not iPad Simulator)

- by JustinXXVII

I'm fixing my app to be a universal binary. Testing on the simulator seems to default to the iPad. For small corrections like checking orientations and small UI updates, the only way I can find to get the iPhone version is to plug in my iPhone and build and run on device. Loading the debugger takes valuable time, when running on simulator is so much faster for this kind of work. Can I set the simulator to default to iPhone for this? Setting it to 3.1.3 doesn't work because of the 3.2 code I have in the binary for the iPad.

Read the article
How to avoid "The name 'ConfigurationManager' does not exist in the current context" error?

- by 5YrsLaterDBA

I am using VS2008. I have a project connect with a database and the connection string is read from App.config via ConfigurationManager. We are using L2E. Now I added a helper project, AndeDataViewer, to have a simple UI to display data from the database for testing/verification purpose. I don't want to create another set of Entity Data Model in the helper project. I just added all related files as a link in the new helper project. When I compile, I got the following error: Error 15 The name 'ConfigurationManager' does not exist in the current context C:\workspace\SystemSoftware\SystemSoftware\src\systeminfo\RuntimeInfo.cs 24 40 AndeDataViewer I think I may need to add another project setting/config related file's link to the helper project from the main project? There is no App.config file in the new helper project. But it looks I cannot add that file's link to the helper project. Any ideas?

Read the article
Getting "Object is read only" error when setting ClientCredentials in WCF

- by Paul Mrozowski

I have a proxy object generated by Visual Studio (client side) named ServerClient. I am attempting to set ClientCredentials.UserName.UserName/Password before opening up a new connection using this code: InstanceContext context = new InstanceContext(this); m_client = new ServerClient(context); m_client.ClientCredentials.UserName.UserName = "Sample"; As soon as the code hits the UserName line it fails with an "Object is read-only" error. I know this can happen if the connection is already open or faulted, but at this point I haven't called context.Open() yet. I have configured the Bindings (which uses netTcpBinding) to use Message as it's security mode, and MessageClientCredentialType is set to UserName. Any ideas?

Read the article
What is the fastest way to create a checksum for large files in C#

- by crono

Hi, I have to sync large files across some machines. The files can be up to 6GB in size. The sync will be done manually every few weeks. I cant take the filename into consideration because they can change anytime. My plan is to create checksums on the destination PC and on the source PC and than copy all files with a checksum, which are not already in the destination, to the destination. My first attempt was something like this: using System.IO; using System.Security.Cryptography; private static string GetChecksum(string file) { using (FileStream stream = File.OpenRead(file)) { SHA256Managed sha = new SHA256Managed(); byte[] checksum = sha.ComputeHash(stream); return BitConverter.ToString(checksum).Replace("-", String.Empty); } } The Problem was the runtime: - with SHA256 with a 1,6 GB File - 20 minutes - with MD5 with a 1,6 GB File - 6.15 minutes Is there a better - faster - way to get the checksum (maybe with a better hash function)?

Read the article
NHibernate 2.1.2 in medium trust.

- by John

I'm trying to configure nhibernate 2.1.2 to run in medium trust, without any luck. I have tried follwing the suggestions to run in medium trust and pre-generating the proxies. I then tried to remove all references to lazy loading setting the default-lazy="false" on all classes and bags. However this threw an exception asking me to configure the proxyfactory.factory_class None of these methds worked as they kept throwing generic security exceptions or throwing easying that libraries do not allow AllowPartiallyTrustedCallers. Am I using the wrong version of NHibernate if I want to run in medium trust? Is there a specific set of binaries, or source, which I should be using.

Read the article
Spring MVC and Jetty: Prevent jsessionid from being used in RedirectView on redirect to external sit

- by Moritz Both

In Spring MVC 2.5 with Jetty - probably with any servlet container -, I want to redirect to an external site using RedirectView via the magic "redirect:" prefix for the view name in ModelAndView. Unfortunately, RedirectView uses response.encodeURL(), so my (otherwiese wanted) session id is appended to the URL. It is not only a security risk to carry the session id to the external site, the ";jsessionid=gagnbaba" string may also be interpreted as part of the ContextPath/PathInfo on the other site, resulting in a bad URL. Any "springish" options other than implement my own ExternalRedirectView... and also hack the ViewResolver to interpret a "externalRedirect:" prefix? (Requiring cookies is not an option.) Moritz

Read the article
Where can I download a free, text-rich dataset?

- by blee

I want to do a bit of lightweight testing and bench-marking for full-text search, so the dataset should have the qualities: 10,000 - 100,000 records. good dispersion of English words. In CSV or Excel format--i.e. I don't want to access it via API. Something like books or movies with title and description fields would be perfect. I browsed the UCI Machine Learning Repo, but it was too number-oriented. Thanks!

Read the article
Ruby 1.9, gmail and NET::SMTP

- by anshul

I am running ruby 1.9.1p243 (2009-07-16 revision 24175) [x86_64-linux]. require 'mail' options = { :address => "smtp.gmail.com", :port => 587, :domain => 'REMOVED', :user_name => 'REMOVED', :password => 'REMOVED', :authentication => 'plain', :enable_starttls_auto => true } Mail.defaults do delivery_method :smtp, options end Mail.deliver do to 'REMOVED' from 'REMOVED' subject 'Testing' body 'Test body' end results in the error Net::SMTPAuthenticationError: 530 5.7.0 Must issue a STARTTLS command first. x.REMOVED! What am I doing wrong and how do I fix it?

Read the article
Rails ActionMailer problems on Mac

- by seth

I've been working on learning to use Rails the last couple days and I've run into something that I haven't been able to solve with Google. So I'm just creating a basic contact form that sends an email. Everything seems to be working ok in testing, which tells me that the form is working, and ActionMailer was implemented correctly, however, I'm having trouble configuring ActionMailer. I'm running OSX 10.6.2. I have postfix running and have verified that it's running using telnet localhost 25. When I try to use the form I get a "Connection refused" error. This is my current configuration: config.action_mailer.smtp_settings = { :address => 'localhost', :port => 25 } I thought I might need to set :domain but I'm kind of confused on what that should be set to in this situation.

Read the article
WCF performance improvements

- by Burt

I am developing a WPF application that talks to a server via WCF services over the internet. After profiling the application I noticed a lot of time is being taking up by creating the appropriate WCF client proxy and making the call to the server. The code on the server is optimised and doesn't take any time to run yet I am still seeing a 1.5 second delay from when a service is invloked to it returning to the client. A few points to give a bit of background: I am using the ASP.Net membership for security I will eventually hook into the same server side code through a website I would eventually like to have offline support in the application I really need to nail the performance early though as if the app is taking a couple of seconds to come back it is too long for what I am trying to do. Can anyone suggest performance tips that will help me please?

Read the article
webbrowser disable script debugging in Visual Basic 6

- by me4245

Hi, I want to disable script errors from popping up in a VB6 application. (I have VB6 installed on this machine). Currently, if I navigate to a particular page, it pops up saying "INternet Explorer Script Error: An error has ocurred in the script on this page" ... "Do you want to continue running scripts on this page?" Setting the webbrowser1.silent to 'true' does not work. Instead all that happens, is instead of displaying an error message, it starts up the actual 'script' debugger, and then exits the program. On a machine without the (visual studio) debugger, it still pops up a message asking to use the debugger, i.e., on Vista, (when silent is set to true). Manually changing the 'disable script debugging (other)' (and regular one), doesn't seem to working in MSIE (also testing version 6.0 for xp users). How do I disable script errors? Thanks in advance!

Read the article
c# gridview row click

- by Martijn

When i click on a row in my gridview, i want to go to a other page with the id i get from the database. In my RowCreated event i have the following line: e.Row.Attributes.Add("onClick", ClientScript.GetPostBackClientHyperlink(this.grdSearchResults, "Select$" + e.Row.RowIndex)); To prevent error messages i have this code: protected override void Render(HtmlTextWriter writer) { // .NET will refuse to accept "unknown" postbacks for security reasons. Because of this we have to register all possible callbacks // This must be done in Render, hence the override for (int i = 0; i < grdSearchResults.Rows.Count; i++) { Page.ClientScript.RegisterForEventValidation(new System.Web.UI.PostBackOptions(grdSearchResults, "Select$" + i.ToString())); } // Do the standard rendering stuff base.Render(writer); } My question is, how can i give a row a unique id (from the DB) and when i click the row, another page is opened (like clicking on a href) and that page can read the id. Thnx

Read the article
Is writing eSQL database agnostic?

- by Robert Koritnik

Using EF we can use LINQ to read data which is rather simple (especialy using fluent calls), but we have less control unless we write eSQL on our own. Is writing eSQL database actually data store independant code? So if we decide to change data store, can the same statements still be used? Is writing eSQL strings in your code pose any serious security threats similar to writing TSQL statements in plain strings? So we moved to SPs. Could we still mode eSQL scripts outside of code as well and use some other technique to make them a bit more secure?

Read the article
Cant delete more than 200 contacts in HTC HERO

- by rahul

I'm working on security application which will copy all contacts to some other database and delete all contacts from phonebook. I'm testing this on android HTC HERO. I'm successful to delete contacts from phonebook and create new contact info database, Till 200 it is working, but after 200 contacts its not working properly. After tht application starts throwing error. There is one Sync with Google Option in MenuSettingData Sync, I think that is creating problem. There is notification that "Too many contacts deleted" n if i click tht there will b a dialog with title "Delete Limit exceeded". Is there anything i can do to stop syncronization or any other ideas by which i can achieve required output? Please Help me on this

Read the article
Put DrawingGroup on a Canvas?

- by stefan.at.wpf

Hello, I have a DrawingGroup and I want to put it on a Canvas, but because DrawingGroup is no UIElement, this is not possible. Whats the best way to do this? And from which class could I derive, so that I could do something like canvas1.Children.Add(new myDrawingGroup()); (Meaning I want to add my DrawingGroup as one element on the canvas, instead of several single Drawings / Geometries. I also need hit testing and databinding support.) Thank you very much for any hint!

Read the article
How to simulate a mouse click on a UIWebView in Cocoa for the iPhone?

- by eagle

I'm trying to setup automated unit tests for an iPhone application. I'm using a UIWebView and need to simulate clicks on different links. I've tried doing this with JavaScript, but it doesn't produce the same result as when I manually click on the links. The main problem is with links that have their target property set. I believe the only way for this automated unit test to work correctly is to simulate a mouse click at a specific x/y coordinate (i.e. where the link is located). Since the unit testing will only be used internally, private API calls are fine. It seems like this should be possible since the iPhone app isimulate seems to do something similar. Is there any way to do this in the framework?

Read the article
GetAllUsers - MVC

- by Jemes

I’m using the Membership Provider and would like to display a list of all the users and their First Name, Last Name etc using the GetAllUsers function. I'm having trouble understanding how to implement this function in MVC. Has anyone implemented this in MVC or is there an easier way to list all the users in my application? Any help or advise would be really helpful. Controller public ActionResult GetUsers() { var users = Membership.GetAllUsers(); return View(users); } View Model public class GetUsers { [Required] [DisplayName("User name")] public string UserName { get; set; } [Required] [DisplayName("User name")] public string FirstName { get; set; } } View <%= Html.Encode(item.UserName) %> Error The model item passed into the dictionary is of type 'System.Web.Security.MembershipUserCollection', but this dictionary requires a model item of type 'System.Collections.Generic.IEnumerable`1[Account.Models.GetUsers]'.

Read the article
PycURL RESUME_FROM

- by excid3

I can't seem to get the RESUME_FROM option to work. Here's some example code that I have been testing with: import os import pycurl import sys def progress(total, existing, upload_t, upload_d): try: frac = float(existing)/float(total) except: frac = 0 sys.stdout.write("\r%s %3i%%" % ("file", frac*100) ) url = "http://launchpad.net/keryx/stable/0.92/+download/keryx_0.92.4.tar.gz" filename = url.split("/")[-1].strip() def test(debug_type, debug_msg): print "debug(%d): %s" % (debug_type, debug_msg) c = pycurl.Curl() c.setopt(pycurl.URL, url) c.setopt(pycurl.FOLLOWLOCATION, 1) c.setopt(pycurl.MAXREDIRS, 5) # Setup writing if os.path.exists(filename): f = open(filename, "ab") c.setopt(pycurl.RESUME_FROM, os.path.getsize(filename)) else: f = open(filename, "wb") c.setopt(pycurl.WRITEDATA, f) #c.setopt(pycurl.VERBOSE, 1) c.setopt(pycurl.DEBUGFUNCTION, test) c.setopt(pycurl.NOPROGRESS, 0) c.setopt(pycurl.PROGRESSFUNCTION, progress) c.perform()

Read the article
Use Google Test from Qt in Windows

- by Dave

I have a simple test file, TestMe.cpp: #include <gtest/gtest.h> TEST(MyTest, SomeTest) { EXPECT_EQ(1, 1); } int main(int argc, char **argv) { ::testing::InitGoogleTest(&argc, argv); return RUN_ALL_TESTS(); } I have Google Test built as a static library. (I can provide the makefile if it's relevant.) I can compile TestMe.cpp from a command-line with no problem: g++ TestMe.cpp -IC:\gtest-1.5.0\gtest-1.5.0\include -L../gtest/staticlib -lgtest -o TestMe.exe It runs as expected. However, I cannot get this to compile in Qt. My Qt project file, in the same directory: SOURCES += TestMe.cpp INCLUDEPATH += C:\gtest-1.5.0\gtest-1.5.0\include LIBS += -L../gtest/staticlib -lgtest This results in 17 "unresolved external symbol" errors related to gtest functions. I'm pulling my hair out here, as I'm sure it's something simple. Any ideas?

Read the article
Google Chrome Speed Tracer what does Request Timing and Response Timing actually measure?

- by Bryce Thomas

I'm testing out the Google Chrome Speed Tracer on a few common web pages and taking a look through the results. One thing I'm not sure I understand is what the "Request Timing" and "Response Timing" properties of resources are actually measuring. Initially I thought Request Timing must measure the time from a request for a resource being sent and when that request arrived at the server. However, I then wondered how the Speed Tracer would actually have any way of measuring this. Furthermore, the Response Timing that I'm getting for resources tends to be far less than the Request Timing (e.g. 500ms request, 1ms response), which is a little bit suss. So is anyone able to explain exactly what Request Timing and Response Timing are measuring?

Read the article

< Previous Page | 612 613 614 615 616 617 618 619 620 621 622 623 | Next Page >