Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 645/886 | < Previous Page | 641 642 643 644 645 646 647 648 649 650 651 652 | Next Page >

Question about A Sketching Website on the IPAD, Dragging and Touching

- by pfunc

I've been testing out the new functionality of html5 and js to create a sketching site. I've been looking into this for a possible client that wants their site to be ipad accessible, but also have drawing features on it. So i created a rough experiment where you can drag your mouse across a screen to draw lines. I went to test it on an ipad and realized this doesn't work. Why? because dragging on an ipad is reserved for actually dragging the screen around. Is there something you can do to get around this? I'm sure this could be done if made for an app, but what about just a normal website.

Read the article
Google's OpenID identifier is different depending on the "consumer" domain name. How to avoid potent

- by JohnnyO

I'm currently testing an OpenID implementation, and I'm noticing that Google sends a different identifier for different consuming host name / domain name, even for the same user. For example, Google sends a different identifier when the requesting site is localhost, compared to the identifier they send when the requesting site is 127.0.0.1 for the same user. Note: I haven't actually tested this using public domain names, but I can't see why the behavior would be any different. My concern with Google's behavior is that if we ever choose to change our website domain name in the future, then users will no longer be able to log in to the website using Google's OpenId as the identity provider. This seems to be a big problem. Am I missing something, or are all OpenID consuming sites faced with this potential problem? I've also tested this with MyOpenId, but the identifier that MyOpenId creates is fixed, so this wouldn't be a problem with them. Thanks.

Read the article
Removing DIVs in a jquery dialog

- by Macinville

I have a dialog window that uses a URL for its contents { function(){jQuery.ajax({'success':function(html) { jQuery('#menu_dialog').html(html); $('#menu_dialog').dialog('open'); $('#header').hide(); },'url':'/testing/index.php/menu','cache':false});return false;}; } What happens is that it was displaying the whole page, including the header, the footer,navigation menu,etc. What I want is for the dialog to only display the content inside the <content> tag. How can I remove the unnecessary divs in the dialog window?

Read the article
Append in Dom taking more time in IE than Firefox or any other browser.

- by user307635

Hi , I m working on .net framework 3.0 visual studio 08 and Testing it in IE8 and other browsers. Whenever I m inserting new elements in DOM (ex. 300 divs at one time) than I m getting the performance very slow in IE . Why?. If its a javascript debugging which is taking time or what else. Is it really true that IE Dom Append takes much time than any other browser. Please help me , I m stuck badly.

Read the article
Javascript functions return lines of function code or "{[native code]}," what am I doing wrong?

- by DavidR

I am writing some code to find the user selection in a contenteditable div, I'm taking my code from this quirksmode article. function findSelection(){ var userSelection; if (window.getSelection) {userSelection = window.getSelection;} else if (document.selection){userSelection = document.selection.createRange();} // For microsoft if (userSelection.text){return userSelection.text} //for Microsoft else {return userSelection} } I'm testing it in Chrome and Firefox, if I do an alert(userSelection) within the function or an alert(findSelection();) outside the function, it returns function getSelection() {[native code]}. If I do console.log(findSelection();) it gives me getSelection(). Is there something I've done wrong?

Read the article
Any difference in compiler behavior for each of these snippets?

- by HotHead

Please consider following code: 1. uint16 a = 0x0001; if(a < 0x0002) { // do something } 2. uint16 a = 0x0001; if(a < uint16(0x0002)) { // do something } 3. uint16 a = 0x0001; if(a < static_cast<uint16>(0x0002)) { // do something } 4. uint16 a = 0x0001; uint16 b = 0x0002; if(a < b) { // do something } What compiler does in backgorund and what is the best (and correct) way to do above testing? p.s. sorry, but I couldn't find the better title :) EDIT: values 0x0001 and 0x0002 are only example. There coudl be any 2 byte value instead. Thank you in advance!

Read the article
Do not use IE browser settings when using a proxy with Indy

- by JD

Hi At one of our customer sites, we have a Delphi 2007 application that makes a number of HTTPS requests using indy components. All requests are made using the proxy settings the client provides. For this to work, in IE we have to put the URL's in the trusted zones section. After a month due to security settings the trusted zones are cleared. This means we have to re-add the URLs again to make our application work. Is there a way of bypassing IE settings or using a client side HTTP stack so we do not go through the browser to make https requests? JD

Read the article
javascript server issue

- by sarah

Onchage of selection i am calling a javascript to make a server call using struts1.2 but its not making a call.Please let me know where i am going wrong,below is the code <html:form action="/populate"> <html:select property="tName" onchange="test()">"> <html:option value="">SELECT</html:option> <html:options name="tList" /> </html:select> </html:form> and stuts-config has <action path="/populate" name="tForm" type="com.testAction" validate="false" parameter="method" scope="request" > <forward name="success" path="/failure.jsp" /> </action> and javascript is function test(){ var selObj = document.getElementById("tName"); var selIndex = selObj.selectedIndex; if (selIndex != 0) { document.form[0].selIndex.action="/populate.do?method=execute&testing="+selIndex; document.form[0].submit(); } }

Read the article
How to explain to a client that you've gone over-budget and you'll need more money/time to deliver w

- by General Tapioca

My situation is that I have agreed on a per-project proposal with the client. The proposal is vague, but still names functionality in a way that can be argued as to whether it's included or not, while leaving some room for interpretation. I originally pressed as much as I could to get a per-month contract, arguing that the project is mostly non-predictable, but the client refused. Being a small company, I had to fold and signed a contract on an estimate based on my group's estimations. At this point we have reached completion on about 85% of the features (we think) but we ran out of budget. We have been working for almost two years with this client in previous contracts, and we have delivered a good product that they are happy with, so we have a good standing relationship. More info: -There has been a bit of scope-creep, but I don't think enough for me to hide behind that argument -We've been delivering partial releases about monthly. -We don't have systematic user-testing in place.

Read the article
Support both Standard mode and Quirks mode? Is that possible and necessary?

- by tshao

Today I was assigned a bug saying that some page elements don't work on IE8 Quirks mode at all, and I need to fix them. The point is that I believe our pages will always be rendered in Standard mode, because we specify DOCTYPE at the beginning of every page (via master page). I'd think it must be some debugging tools changed that during testing. I managed to convice QA to close it as by design, after a brief explanation to her. Now I start to think the question that whether we should have our page work on both Standard and Quirks mode. Maybe we should try to minimize the problem even if the page is not rendering in a supposed mode? Any standard or best practices on that? Thanks!

Read the article
Simple Moq ? - Problem with .Verify

- by user127954

Hi, just a simple question here. I've used Moq for awhile but, as of yet, have only used it for stubbing and not for mocking. I am trying to introduce our developers to unit testing. I set up a simple example to explain the concepts but i can't seem to get it working. Probably something simple so i thought i would just ask you all to see what i'm doing wrong: <Test()> _ Public Sub Divide_DivideByZero_LogsError() Dim mock = New Mock(Of ILogger) With mock Dim calc = New MyCalculator(New CalculatorData, .Object) calc.Divide(55, 0) mock.Object.WriteError("test", "Test") .Verify(Function(x) CType(x,ILogger).WriteError(it.IsAny(of String),It.IsAny(Of String)))) End With End Sub I'm using Moq version 3.2.416.3. I get an error on the .verify telling me that i'm calling it with incorrect arguments. I'm just trying to verify that .WriteError was called. any help would be appreciated.

Read the article
Is there a difference here?

- by HotHead

Please consider following code: 1. uint16 a = 0x0001; if(a < 0x0002) { // do something } 2. uint16 a = 0x0001; if(a < uint16(0x0002)) { // do something } 3. uint16 a = 0x0001; if(a < static_cast<uint16>(0x0002)) { // do something } 4. uint16 a = 0x0001; uint16 b = 0x0002; if(a < b) { // do something } What compiler does in backgorund and what is the best (and correct) way to do above testing? p.s. sorry, but I couldn't find the better title :) Thank you in advance!

Read the article
Multitenant shared user account?

- by jpartogi

Dear all, Based on your experience, which is the route to go for a multi-tenant user login? One user login per account. Which means if there is one user that has access to multiple account, there will be redundancy of record in the database One user login for all account that she has privileges to. Which means one user record has access to multiple account if she has privileges to that account. From your experience, which one is better and why? I was thinking to choose the latter, but I don't know whether it will cause security issue or less flexibility. Thank you for sharing your experience.

Read the article
PHP Connect to 4D Database

- by Matt Reid

Trying to connect to 4D Database. PHPINFO says PDO is installed etc etc... Testing on localhost MAMP system. However when I run my code I get: Fatal error: Uncaught exception 'PDOException' with message 'could not find driver' in /Applications/MAMP/htdocs/4d/index.php:12 Stack trace: #0 /Applications/MAMP/htdocs/4d/index.php(12): PDO->__construct('4D:host=127.0.0...', 'test', 'test') #1 {main} thrown in /Applications/MAMP/htdocs/4d/index.php on line 12 My code is: $dsn = '4D:host=127.0.0.1;charset=UTF-8'; $user = 'test'; $pass = 'test'; // Connection to the 4D SQL server $db = new PDO($dsn, $user, $pass); try { echo "OK"; } catch (PDOException $e) { die("Error 4D : " . $e->getMessage()); } Can't put my finger on the error, i'm using the settings under the PHP tab... Thank you.

Read the article
ASP.NET MVC - How to save some data between requests ?

- by Tony

Hi, I'm trying to solve the problem: when a user is being logged into a WebSite (via user control .ascx stored on the Master Page), it's name is being stored in a Page.User.Identity.Name property. OK, but how to retrieve that user name in the controller ? Is it possible without registering System.Security.Principal namespace in the controller ? In the other words - the controller must know whose user wants to do some action (e.g. change account data). I could store it's name in the Html.Hidden control on each View but I don't want to have a mess in my Views

Read the article
What keying option does the keychain use?

- by Rudiger

I have read into the keychain and have found that it uses Triple DES. What I can't find is what keying option it uses. I am guessing / hoping that its keying option 1 where all 3 passwords are unique but if thats the case I can only think of two passwords it can use (user password and App ID that comes from your dev cert) so where is the third coming from? Is it a key private to Apple? If its keying option 2 (first and third key are the same) it might not be secure enough for our company to rely on. Although that might sound paranoid I have to justify to our security department that it is secure enough.

Read the article
XMLHttpRequest cross site scripting on same server but differnt port

- by clamp

hello, using XMLHttpRequest it is not possible to open a connection to a document on a different domain than where the page itself is hosted. but what about different ports? for example i have a webserver running on my machine listening on port 80 so the webaddress would look like this: http://localhost:80/mypage.html and i have another webserver running on localhost which is meant to process the ajax requests but listens on a different port. so the javascript in mypage.html would look like this: var xmlhttprequest = new XMLHttpRequest(); xmlhttp.open("GET", "http://localhost:1234/?parameters", true); xmlhttp.send(); would this work? or will it give a security exception as well?

Read the article
trim last "," delimiter of a string in vb.net

- by gerfe

this is my code - With ad.Tables(2) For i As Integer = 0 To .Rows.Count - 1 If .Rows(i)("name") & "" <> "" Then temp &= .Rows(i)("name") & ", " End If Next End With temp = temp.Trim(",") testing &= "&Name=" & temp & vbCrLf with this is get a comma in the end of the string. but if i do this temp = temp.Trim.Trim(",") all commas are deleted. How do i keep all commas and only delete the last one?

Read the article
Override Java System.currentTimeMillis

- by Mike Clark

Is there a way, either in code or with JVM arguments, to override the current time, as presented via System.currentTimeMillis, other than manually changing the system clock on the host machine? A little background: We have a system that runs a number of accounting jobs that revolve much of their logic around the current date (ie 1st of the month, 1st of the year, etc) Unfortunately, a lot of the legacy code calls functions such as new Date() or Calendar.getInstance(), both of which eventually call down to System.currentTimeMillis. For testing purposes, right now, we are stuck with manually updating the system clock to manipulate what time and date the code thinks that the test is being run. So my question is: Is there a way to override what is returned by System.currentTimeMillis? For example, to tell the JVM to automatically add or subtract some offset before returning from that method? Thanks in advance!

Read the article
How to verify a digital signature with openssl

- by Aaron Carlino

I'm using a thirdparty credit card processing service (Paybox) that, after a successful transaction, redirects back to the website with a signature in the URL as a security measure to prevent people from manipulating data. It's supposed to prove that the request originated from this service. So my success URL looks something like this: /success.php?signature=[HUGE HASH] I have no idea where to start with verifying this signature. This service does provide a public key, and I assume I need to create a private key, but I don't know much beyond that. I'm pretty good with linux, and I know I'll have to run some openssl commands. I'm writing the verification script in PHP, which also has native openssl() functions. If anyone could please push me in the right direction with some pseudo code, or even functional code, I'd be very grateful. Thanks.

Read the article
Authenticating to multiple OUs in Active Directory

- by Jaxidian

I'm using the Active Directory Membership Provider with the following configuration: <connectionStrings> <add name="MyConnString" connectionString="LDAP://domaincontroller/OU=Product Users,DC=my,DC=domain,DC=com" /> </connectionStrings> <membership defaultProvider="MyProvider"> <providers> <clear /> <add name="MyProvider" connectionStringName="MyConnString" connectionUsername="my.domain.com\service_account" connectionPassword="biguglypassword" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> This works perfectly except it requires ALL of my users to be in the "Product Users" OU when I would actually like to have all of my users organized into various child OUs under our "Product Users" OU. Is this possible? (Note that this is a partial repost of this question but the question I'm asking here was never answered there.)

Read the article
Any foundation to administrate an Android open source application?

- by Nicolas Raoul

Our open source application is quite popular, and we are many developers. The app uses my Android Market account, and I shared the keys with a developer. But if both of us disappear, the application's Market account will be lost, and all users trapped. Giving the keys to all developers is not a solution either, for security reasons. Is there a foundation (like in Mozilla Foundation or Apache Foundation) that could accept to hold our Android Market account and release new versions in accordance with their own guidelines and our community consensus? There are quite a lot of Open Source foundations, but I could not find any that tackles this particular aspect of Android applications.

Read the article
Class Not found exception in JApplet.

- by Nitesh Panchal

Hello, I created a simple Applet using JApplet and everything seems to work fine but as soon i create an object of my userdefined class named ChatUser in my applet, i get this error :- SEVERE: java.lang.ClassNotFoundException: applet.ChatUser at com.sun.enterprise.loader.ASURLClassLoader.findClassData(ASURLClassLoader.java:713) at com.sun.enterprise.loader.ASURLClassLoader.findClass(ASURLClassLoader.java:626) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at java.lang.ClassLoader.loadClass(ClassLoader.java:252) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at java.io.ObjectInputStream.resolveClass(ObjectInputStream.java:604) at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1575) at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1496) at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1732) at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1329) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351) at misc.ChatClient.run(ChatClient.java:43) Any idea what can be wrong? It only happens when i create an object of any user defined class. Do i need to set some security settings or something? Please help :(

Read the article
App logicstics & changes due to scope creep

- by Kevin Brown

I started an app that was initially a testing platform--user management, and managers that can view their employees tests. Recently, functionality has been extended (not built yet) to allow users to complete a test in place of an employee--basically adding a record, but no user. I have three tables in use for this: users(contains user info for login/security), profiles (all personal info: address, height, etc.), and survey (contains survey answers for user). How do I extend my application to encompass this functionality with minimal change to the structure? I assume that the best way to do this would be to insert records to the tables profiles and survey, and have no username/password/email? There MUST be a user_id associated b/c the tables are linked through the user_ids...

Read the article
Simple Javascript Won't work

- by webzide

Dear Experts, I was testing some code and I became very frustrated as I couldn't even get an simple DOM alert box to work Anyway here's the code <!DOCTYPE HTML PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/tdt/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <script type="text/javascript">  </script> </head> <body> <h1 id="myHeader">Click me!</h1> </body> </html> I don't know what I did wrong but I just don't see the alert box. I use FF btw.

Read the article

< Previous Page | 641 642 643 644 645 646 647 648 649 650 651 652 | Next Page >