Search Results

Search found 22139 results on 886 pages for 'security testing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 658/886 | < Previous Page | 654 655 656 657 658 659 660 661 662 663 664 665  | Next Page >

  • Where are the best locations to write an error log in Windows?

    - by Keith Sirmons
    Where would you write an error log file, say ErrorLog.txt, in Windows? Keep in mind the path would need to be open to basic users for file write permissions. I know the eventlog is a possible location for writing errors, but does it work for "user" level permissions? EDIT: I am targeting Windows 2003, but I was posing the question in such a way as to have a "General Guideline" for where to write error logs. As for the EventLog, I have had issues before in an ASP.NET application where I wanted to log to the Windows event log, but I had security issues causing me heartache. (I do not recall the issues I had, but remember having them.)

    Read the article

  • Storing API keys in Android, is obfustication enough?

    - by fredley
    I'm using the Dropbox API. In the sample app, it includes these lines: // Replace this with your consumer key and secret assigned by Dropbox. // Note that this is a really insecure way to do this, and you shouldn't // ship code which contains your key & secret in such an obvious way. // Obfuscation is good. final static private String CONSUMER_KEY = "PUT_YOUR_CONSUMER_KEY_HERE"; final static private String CONSUMER_SECRET = "PUT_YOUR_CONSUMER_SECRET_HERE"; I'm well aware of the mantra 'Secrecy is not Security', and obfuscation really only slightly increases the amount of effort required to extract the keys. I disagree with their statement 'Obfustication is good'. What should I do to protect the keys then? Is obfustication good enough, or should I consider something more elaborate?

    Read the article

  • RUP (Rational Unified Process)

    - by tony
    I have chosen to use the development method RUP (Rational Unified Process) in my project. This is a method I've never used before. I've also included some elements from Scrum in the development process. The question is what the requirement specifications should contain in a RUP-model? Is it functional and non-functional requirements? And what should be included in a technical analysis and security requirements for RUP? Can’t find any information. Notes about this would be helpful. Hope people with RUP experience can share some useful experiences

    Read the article

  • RequireHttpsAttribute and Encrypted Request Data

    - by goatshepard
    I have a controller action that is accepting sensitive data. public ActionResult TakeSensitiveData(SensitiveData data){ data.SaveSomewhere(); } To ensure the data is secure I want to be certain requests are made using HTTPS (SSLv3, TLS 1). One of the approaches I've considered using was the RequireHttpsAttribute on my action: [RequireHttps] public ActionResult TakeSensitiveData(SensitiveData data){ data.SaveSomewhere(); } However, upon testing this I fiddler revealed that an HTTP request made to the action is 302 redirected to HTTPS. My question is this: If I've made a request that is 302 redirected to HTTPS haven't I already sent the sensitive data over HTTP before the redirect?

    Read the article

  • MVVM Light is too fast :)

    - by Hikari
    Hello, I have a simple WM7 Page with textbox. Futher, I assigned EventToCommand (RelayCommand) to this textbox, reacting to TextChanged event. For testing pourposes I made additional method TextBox_TextChanged in page's code behing. Both command and TextBox_TextChanged print a message box with the textbox content. Initial value of textbox is ABC. Then I press D and: 1) TextBox_TextChanged prints ABCD. 2) Command prints ABC. D is missing. Why commands is so fast???

    Read the article

  • Pre-packaged Rails applications

    - by Craig
    Seems like most Rails applications have similar 'base' functionality. As such, it seems that there would be value in having pre-build Rails applications at various functionality points such as: basic User model with authentication using Authlogic #1 + openid integration #2 + authorization using declarative_authorization #3 + Administration module #4 + a Profile model Themes (useful stylesheets and such) Friendship model Geocoding ... In addition to the basic MVC stuff, these applications would include: testing harnesses seed data git support One could choose start from any of these functionality points. Other than the sample application that are available with the various gems/plugins, are there projects such as these? If not, I would certainly be willing to contribute what I have.

    Read the article

  • 404 on custom post types after updating Wordpress to 3.7

    - by Chris
    Since I updated Wordpress from 3.6 to 3.7, I'm not able to visit the single-pages on my custom post types, then I get a 404 error. I thought this would be a rewrite_rules issue, so I've tried the following: -Go to the Permalink settings, click save (flush rewrites) -Manually deleted the rewrite_rules from the option table in the DB (I was desparate, and it seriously worked for me one time) -Re-check my .htaccess, but this is the exactly same as instructed on the permalink page -switched off the plugins I also tried switching the permalink to the "ugly" url (eg. ?page=35) and check if the articles worked, and they did! So I'm pretty sure it's a permalink issue. Now I rolled back to 3.6 again, but I of course want to upgrade in the near future (security etc.). A remarkable thing was that during the rollback I checked out a single page (notice that I didn't rolled back the database yet, only the files) and surprisingly they worked again. Any suggestions on how to solve this?

    Read the article

  • Should I be worried about sending Apk to client before getting paid?

    - by DanielS
    I am working on an Android app for a client. The app is practically finished, and next week I'll have a meeting with the client to present it. He'll test everything, and upon approving it he will make the payment and I'll give him the source code and publish it on Google Play. Today he called me asking for the Apk so that he can start testing it. I am worried that if we don't close the deal (for one reason or another) he might get someone to reverse engineer the Apk and get my source code/app anyway, even if obfuscated with ProGuard (I never tried, but according to this SO thread it's not that difficult to reverse engineer an Apk). My question: Am I being paranoid here and should just send the client the Apk (cause perhaps the ProGuard obfuscation is enough to make the source code useless) , or are my worries reasonable and I should stick to getting paid before delivering anything?

    Read the article

  • What is Visual C++ 2005 Service Pack 1 Redistributable Package for?

    - by Stan
    I am using Poco library and when running my program on other machines which don't have VS2005 installed, I have to install "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update", otherwise the the program will give error when launching. What is this redistributable package for? Is there any way to avoid installing this but still let my program running well? Also, there're so many vcredist_x86.exe out there. How can I know which one is necessary or not when getting error? Thanks.

    Read the article

  • Best approach to store login credentials for website

    - by Zerotoinfinite
    I have created a site in ASP.NET 3.5 & I have only 2 or 3 user login IDs who can login to the website. What would be the best way to save these login details? Which of these approaches, or others, would be most suitable? Using Forms Authentication, and saving credentials (username and password) in web.config to create a text file in directory and modify it Which approach is best from a security and maintenance perspective? What other approaches are suitable for a login system for ASP.NET?

    Read the article

  • Why is url not registered?(Drupal 6.x)

    - by Andrew
    I'm using hook_menu to register new url so that accessing this url would return some data to ajax function. As title suggested, this url is not registered. How do I know that? I've tried typing this in address bar but, drupal, return main template only rather than the tests string that I created. I'm positive that my module is working for php issues error if I intentionally write wrong syntax. And, yes, I clear cache whenever I make changes. Here's the code - function test_menu() { $my_form['test'] = array( 'title' => 'Test address', 'page callback' => 'test', 'access arguments' => array('access content'), 'type' => MENU_CALLBACK, ); return $my_form; } function test(){ $a= "testing"; return $a; }

    Read the article

  • what's the key different between data management and data governance?

    - by Sid Xing
    i just read some articles about these two theories, and i thought they have the similar goal, but DG is more about process management by follow some best practice. So my 1st question is about the difference between DG & DM. I'm confused. There're so many concepts around data management. Data quality, data security, data governance, data profiling, data integration, master data management, metadata management.... It seems like neither of them is EXACTLY separated, they're together. My 2nd question, or ask for your suggestion to help me better understand the relation between these concepts. Appreciate your help.

    Read the article

  • Google search is not working in web browser control

    - by Sundar
    Hello, I have developed a browser using the standard WebBrowser control in my application that is built against CF 3.5. Google search is not working in the browser. That is when i navigate to www.google.co.in and type a keyword and click on the serach button nothing is happening. Outside the application from the device if i try the same thing in IE am getting a security warning dialog box and if ok is clicked search results are shown. So in my case do i need to set property on the webbrowser control. Thanks in advance

    Read the article

  • make mongrel_rails (localhost:3000) visible to a virtual machine

    - by Max Williams
    I develop rails in ubuntu and i just set up a virtualbox windows xp virtual machine for IE testing. I'd like to be able to run mongrel_rails in ubuntu and then jump into the vm to check it out, so i can jump back, make a change, jump into the vm again, reload the page and test it, etc. Is this possible? In this sort of situation in the past i've had to set up an apache server on my dev machine and run mongrel under that, in order to get an externally visible (ie visible to my local network) ip address that i then paste into the address bar of IE in the vm. Is this really necessary? Is there a simpler way? Can i do something with my /etc/hosts or sites-available files to just make up some arbitrary network address which points to localhost:3000 in ubuntu? Or something? thanks, max

    Read the article

  • Mocking my custom dependencies with Spring

    - by Brabster
    Is is possible to declare mocks using some mocking framework for my own classes declaratively with Spring? I know there are some standard mocks available in Spring, but I'd like to be able to mock out my own classes declaratively too. Just to check I'm not going about this the wrong way: the idea is to have a pair of JUnit test and Spring config for each integration test I want to do, mocking everything except the specific integration aspect I'm testing (say I had a dependency on two different data services, test one at a time) and minimising the amount of repeated Java code specifying the mocks.

    Read the article

  • mysql_fetch_assoc data to COOKIE in user browser

    - by Gowtham Raj
    I had data in mysql, where it does not need any security. I had a sql query string to get the data out every time using mysql_fetch_assoc. So, I planed to store data in users browser.To reduce no of quires to sql. if (!isset($_COOKIE['countries'])){ $query = "SELECT iso,name FROM sel_country"; $countries = mysql_query($query); setcookie('countries', serialize($countries), time()+3600); }else{ $countries = $unserialize($_COOKIE['countries']); } while ($row = mysql_fetch_assoc($countries)) {echo $row['name']} But, When cookie is set it is showing following error Fatal error: Function name must be a string in /home/worlds/public_html/index/ctrl.php on line 15 My cookie in browser displaying content as i%3A0%3B Please help me out, how should i go?

    Read the article

  • Delete MSMQ Queue During Uninstall

    - by Todd Kobus
    Is it possible to delete a private message queue that was created by the service user? During uninstallation, we would like to clean up any message queues created by our application. For security purposes, access to these queues has been restricted to the current user (ServiceUser). During uninstall, we have admin privileges, but still get an access denied MessageQueueException when we attempt to delete the queue or modify the privs on the queue. Here is the cleanup code: public void DeleteAppQueues() { List<string> trash = new List<string>(); var machineQueues = MessageQueue.GetPrivateQueuesByMachine("."); foreach (var q in machineQueues) { if (IsAppQueue(q.QueueName)) { trash.Add(".\\" + q.QueueName); } q.Dispose(); } foreach (var queueName in trash) { try { using (MessageQueue delQueue = new MessageQueue(queueName)) { delQueue.SetPermissions("Everyone", MessageQueueAccessRights.FullControl, AccessControlEntryType.Allow); } MessageQueue.Delete(queueName); } catch (MessageQueueException ex) { // ex.Message is "Access to Message Queuing system is denied." } } }

    Read the article

  • removing dependancy of a private function inside a public function using Rhino Mocks

    - by L G
    Hi All, I am new to mocking, and have started with Rhino Mocks. My scenario is like this..in my class library i have a public function and inside it i have a private function call, which gets output from a service.I want to remove the private function dependency. public class Employee { public virtual string GetFullName(string firstName, string lastName) { string middleName = GetMiddleName(); return string.Format("{0} {2} {1}", firstName, lastName,middleName ); } private virtual string GetMiddleName() { // Some call to Service return "George"; } } This is not my real scenario though, i just wanted to know how to remove dependency of GetMiddleName() function and i need to return some default value while unit testing. Note : I won't be able to change the private function here..or include Interface..Keeping the functions as such, is there any way to mock this.Thank

    Read the article

  • How to assess the risk of a java version upgrade?

    - by Roy Tang
    I'm being asked to assess whether we can safely upgrade the java version on one of our production-deployed webapps. The codebase is fairly large and we want to avoid having to regression test everything (no automated tests sadly), but we've already encountered at least one problem during some manual testing (XmlStringReader.getLocalName now throws an IllegalStateExeption when it just used to return null) and higher-ups are pretty nervous about the upgrade. The current suggested approach is to do a source compare of the JDK sources for each version and assess those changes to see which ones might have impact, but it seems there's a lot of changes to go through (and as mentioned the codebase is kinda large). Is it safe and easier to just review the java version changes for each version? Or is there an easier way to conduct this assessment? Edit: I forgot to mention the version upgrade being considered is a minor version upgrade, i.e. 1.6.10 to 1.6.33

    Read the article

  • Hooking a synchronous event handler on a form submit button in JS

    - by Xzhsh
    Hi, I'm working on a security project in javascript (something I honestly have not used), and I'm having some trouble with EventListeners. My code looks something like this: function prevclick(evt) { evt.preventDefault(); document.loginform.submitbtn.removeEventListener('click',prevclick,false); var req = new XMLHttpRequest(); req.open("GET","testlog.php?submission=complete",false); req.send(); document.loginform.submitbtn.click(); //tried this and loginform.submit() } document.loginform.submitbtn.addEventListener('click',prevclick,false); But the problem is, the submit button doesn't submit the form on the first click (it does, however, send the http request on the first click), and on the second click of the submit button, it works as normal. I think there is a problem with the synchronization, but I do need to have the request processed before forwarding the user to the next page. Any ideas on this would be great. Thanks in advance.

    Read the article

  • How can I receive messages using over http without MSMQ

    - by pduncan
    I need a reliable messaging framework that runs over http/https (due to client security requirements) and that doesn't use MSMQ (because some clients will use Windows XP Home). The clients only need to be able to receive messages, not send them. We already have a message queue on the server for each user, and the receivers have been getting messages by connecting to an HttpHandler on the server and getting a Stream from WebResponse.GetResponseStream() We keep this stream open, and pull messages off of it using Stream.Read(). This MOSTLY works, but Stream.Read() is a blocking call, and we can't reliably interrupt it. We need to be able to stop and start the receiver without losing messages, but the old stream often hangs around, even after we call Thread.Abort on its thread. Any suggestions?

    Read the article

  • How to merge branches in Git by "hunk"

    - by user1316464
    Here's the scenario. I made a "dev" branch off the "master" branch and made a few new commits. Some of those changes are going to only be relevant to my local development machine. For example I changed a URL variable to point to a local apache server instead of the real URL that's posted online (I did this for speed during the testing phase). Now I'd like to incorporate my changes from the dev branch into the master branch but NOT those changes which only make sense in my local environment. I'd envisioned something like a merge --patch which would allow me to choose the changes I want to merge line by line. Alternatively maybe I could checkout the "master" branch, but keep the files in my working directory as they were in the "dev" branch, then do a git add --patch. Would that work?

    Read the article

  • How can I use the Scala program schema2src?

    - by pr1001
    This perhaps more a Server Fault question... I installed schema2src via sbaz and now I would like to convert a DTD (Apple's plist schema) to Scala source. $ schema2src usage: schema2src [flags] --module mname arg* or schema2src dtd arg* or (experimental) schema2src xsd arg* (this doesn't work at all yet) where supported [flags] may be: --verbose prints some debugging information However, if I try give any argument, it appears it can't find Scala: $ schema2src --verbose Exception in thread "main" java.lang.NoClassDefFoundError: scala/runtime/BoxesUtility at schema2src.Main$.processArgs(Main.scala:56) at schema2src.Main$.main(Main.scala:25) at schema2src.Main.main(Main.scala) Caused by: java.lang.ClassNotFoundException: scala.runtime.BoxesUtility at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:315) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:330) at java.lang.ClassLoader.loadClass(ClassLoader.java:250) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:398) ... 3 more I have scala in my PATH... Any suggestions? Assuming that problem can be fixed, is this the correct syntax? $ schema2src PropertyList-1.0.dtd

    Read the article

  • Weird parsing date string error in Android 2.0 emulator

    - by kknight
    I have a simple test code for testing SimpleDateFormat. This code works well on Eclipse and Android 1.5 emulator, but it failed at Android 2.0 emulator. Does anyone know why? Thanks. public class TemplateActivity extends Activity { /** Called when the activity is first created. */ @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); TextView tv = new TextView(this); tv.setText(R.string.hello); setContentView(tv); SimpleDateFormat format = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz"); String dateStr = "Mon, 17 May 2010 01:45:41 GMT"; try { Date parsed = format.parse(dateStr); Log.v("Test", parsed.toString()); } catch (ParseException pe) { Log.v("Test", "ERROR: Cannot parse \"" + dateStr + "\""); } } } Log message: V/Test( 400): ERROR: Cannot parse "Mon, 17 May 2010 01:45:41 GMT"

    Read the article

  • JavaScript and PHP - A little confused on how to work them together.

    - by Doug
    So right now, I'm just using a basic form to check a password. I want it to check the password and basically remain on page.html so I can use JavaScript to alert incorrect password or something. I'm not really sure how to do that. It seems it would bring me to check.php. I'm not too sure on the whole process, any help appreciated! Thanks! Page.html <form action="check.php" method="post"> <input type="password" name="password" /> <input type="submit" value="Submit" /> </form> check.php <?php $password = $_POST['password']; if ( $password != "testing" ) { die(); } ?>

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 654 655 656 657 658 659 660 661 662 663 664 665  | Next Page >