Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 668/886 | < Previous Page | 664 665 666 667 668 669 670 671 672 673 674 675 | Next Page >

RSpec: in-depth differences between before(:all) and before(:each)

- by gmile

Ok, so I've ran into a very strange issue, directly connected with before blocks. I'm doing a integration testing via Watir and RSpec. For a simple test to check if user can perform a login I'm creating a 'user' record in the db by means of factory_girl. So I put the following code: before(:each) do @user = Factory(:user) end if "should perform a login" do # do stuff end In do stuff I call a browser and see how the user tries to login. Unfortunately, somehow he cannot do that — "Username isn't valid". After some investigation I discovered that if I put the code for creating user in before(:all) block, everything magically works. How's that? What's the difference between :all and :each in this context? Also, If I put the code for creating user actually in the test body, it still doesn't work (i.e. user somehow isn't added to the DB or something).

Read the article
ActionScript: Using 'in' on protected/private variables?

- by David Wolever

Is there any way to mimic the in operator, but testing for the existence of protected or private fields? For example, this: <mx:Script><![CDATA[ public var pub:Boolean = true; protected var prot:Boolean = true; private var priv:Boolean = true; ]]></mx:Script> <mx:creationComplete><![CDATA[ for each (var prop in ["pub", "prot", "priv", "bad"]) trace(prop + ":", prop in this); ]]></mx:creationComplete> Will trace: pub: true prot: false priv: false bad: false When I want to see: pub: true prot: true priv: true bad: false

Read the article
Browser, upload large file

- by Mike

I'm looking for a way to allow a user to upload a large file (~1gb) to my unix server using a web page and browser. There are a lot of examples that illustrate how to do this with a traditional post request, however this doesn't seem like a good idea when the file is this large. I'm looking for recommendations on the best approach. Bonus points if the method includes a way of providing progress information to the user. For now security is not a major concern, as most users who will be using the service can be trusted. We can also assume that the connection between client and host will not be interrupted (or if it is they have to start over).

Read the article
Can't select database table even though the code is right

- by Lisa

I am trying to display a list of my vbulliten threads on a non-vbulliten portion of my site. However I can't select the vbulliten database: <?php $host = "localhost"; $user = "my username"; $pass = "my password"; $dbname = "tableprefix_forum"; mysql_connect($host, $user, $pass) or die ("Could not connect to database server."); mysql_select_db($dbname) or die ("Could not select database."); ?> I am substituting some things here in this example but all my credentials are correct including my db server username, password and forum db name. So what is the problem? Is it due to some internal security feature in vbulliten, does this system not allow you to connect to it's db if the page trying to connect to it is a non-vbulliten page?

Read the article
Include an interface from the same package (Java)

- by DashRantic

Hi, I'm new to Java (C++ guy myself) and am trying to compile a simple program (testing different random number algorithms) in Java. I have an interface that I want to use to implement another class with, both of these items are in the same package. So I have two files right now in my "Random" package directory--"RandomInterface.java" and "RandomTest1.java" (which implements RandomInterface). I can use javac to compile RandomInterface.java just fine, but I get the following error when I then try to compile RandomTest1: RandomNew.java:3: cannot find symbol symbol: class RandomClass public class RandomNew implements RandomClass ^ 1 error I declare both files to be part of the same package (Random) as the first line of each file. What do I need to do to include the RandomInterface class into the compile command for RandomTest1? Thanks!

Read the article
error during execution of application using GpsPositionRequest class

- by user324922

hi all.. i'm caught in a problem. i'm developing an application based on lbs and referred the code given in (forum.nokia.com/wiki) GpsPositionRequest.zip when i try to install the app on device it gets installed successfully but while executing it shows error "unable to execute for security reasons".. i've signed the sis file using carbide C++. my mmp file include the capabilities: ReadDeviceData, WriteDeviceData, Location, NetworkServices, ReadUserData. my class uses TPositionInfo,RPositionServer,RPositioner does it need any other capability?? (i'm using carbide c++ and s60 3rd edition fp1)

Read the article
Python - Memory Leak

- by Dave

I'm working on solving a memory leak in my Python application. Here's the thing - it really only appears to happen on Windows Server 2008 (not R2) but not earlier versions of Windows, and it also doesn't look like it's happening on Linux (although I haven't done nearly as much testing on Linux). To troubleshoot it, I set up debugging on the garbage collector: gc.set_debug(gc.DEBUG_UNCOLLECTABLE | gc.DEBUG_INSTANCES | gc.DEBUG_OBJECTS) Then, periodically, I log the contents of gc.garbage. Thing is, gc.garbage is always empty, yet my memory usage goes up and up and up. Very puzzling.

Read the article
Are there any sFTP clients that support a proxy that uses NTLM authentication?

- by Iraklis

The title pretty much summarizes the question. We have deployed an sFTP server that needs to be accessed from our client's MS Windows Pc's that reside within a restricted local area network. The only way they can get out for their Intranet is to use an HTTP proxy that requires NTLM authentication. From what I understand all open-source sFTP clients (FilleZilla,WinSCP,etc) do NOT support NTLM authentication (Because of legal issues). I know that there are workarounds to this (installing a local proxy at the machine that understands NTLM) but this would break all sorts of security policies of our client. So my question is : Does anyone know of any sFTP client that supports NTLM ?

Read the article
How to enable an AdventureWorks database in a web application?

- by salvationishere

I am developing a C#/SQL ASP.NET web application in VS 2008. I want the users to be able to select an Adventureworks table and then an input file. The user is then able to map columns from the file with the selected table. This app works fine now in VS. But when I Browse in IIS, it doesn't show any of the tables. I think this is because currently Adventureworks connection string is integrated security (Windows authentication). If I want users to be able to select a table, do I have to change connection to SQL Server authentication? And if so, is the only way to do this to reinstall SQL Server? Or can I just reinstall Adventureworks? And if I reinstall SQL Server, do I need to reinstall VS also for this to work? This could be painful...

Read the article
How to make sure no scripts except those under my own domain, can include the db connection file?

- by Jack

I would like to ensure that any scripts that are trying to "include" my database connection file are located under my own domain. I don't want a hacker to include the database connection file to their malicious script and gain access to my database that way. My connection file's name is pretty easy to guess, it's called "connect.php". So without renaming it and taking the security through obscurity route, how can I protect it by making sure all connection requests are made by scripts residing under my own domain name? How can this be checked using PHP?

Read the article
Parent Thread exiting before Child Threads [python]

- by crgwbr

I'm using Python in a webapp (CGI for testing, FastCGI for production) that needs to send an occasional email (when a user registers or something else important happens). Since communicating with an SMTP server takes a long time, I'd like to spawn a thread for the mail function so that the rest of the app can finish up the request without waiting for the email to finish sending. I tried using thread.start_new(func, (args)), but the Parent return's and exits before the sending is complete, thereby killing the sending process before it does anything useful. Is there anyway to keep the process alive long enough for the child process to finish?

Read the article
Android font out of view on small screen

- by user581949

Hi Everyone I have several text views that take up the majority of the screen in landscape view in a relativelayout and the font size i have set is quite big (150dp). The text views are all timers and the furthest to the right is the "seconds" textview. My problem is that when testing on a phone with a small screen res the seconds are way outside the limit of the screen and can't be seen. They are in perfect place on normal to large screen resolutions just not on a small screen. Is there any way i can force the "seconds" text view to stay on screen, without adjusting the font size or margins between each text view? Even if it means looking cramped on a small screen i can live with that. Any help is greatly appreciated. Thanks This is the corresponding code:

Read the article
How do I get stdout into mstest output when running in new app domain?

- by btlog

I have been working on test framework, which creates a new app domain to run the tests in. The primary reason being the dll's that we are testing has some horrible code that relies on the dll being located in the app domain path. (No I can't change this code.) The problem that I am having is that my test team is writing a bunch of functional tests in mstest and one of the loggers, that writes to Console.Out, does not have any of the log information captured in the trx output. When running the code through a console app all of the log information is output fine. So do the other loggers that have been implemented. My thought is that mstest is setting its own TextWriter to Console.Out, but the new app doamin has it's own TextWriter for Console.Out as the new app domain has it's own set of statics. I appreciate your ideas.

Read the article
php most memory efficient way to return files

- by bumperbox

so i have a bunch of files, some can be up to 30-40mb and i want to use php to handle security of the files, so i can control who has access to them that means i have a script sort of like this rough example $has_permission = check_database_for_permission($user, filename); if ($has_permission) { header('Content-Type: image/jpeg'); readfile ($filename); exit; } else { // return 401 error } i would hate for every request to load the full file into memory, as it would soon chew up all the memory on my server with a few simultaneous requests so a couple of questions is readfile the most memory efficient way of doing this? is there some better method of achieving the same outcome, that i am overlooking? server: apache/php5 thanks

Read the article
Can I use MFC objects in STL containers?

- by Jesse Stimpson

The following code doesn't compile for me in MSVC2005: std::vector<CMenu> vec(10); CMenu is an MFC menu object (such as a context menu). Through some testing I learned that CMenu does not have a public copy constructor. To do what I wanted to do, I needed to use a dynamic array. CMenu* menus = new CMenu[10]; // ... delete [] menus; Of course, now I've lost all the benefits of using an STL container. Do I have any other options?

Read the article
Patterns for avoiding jQuery silent fails

- by Matias

Is there any good practice to avoid your jQuery code silently fail? For example: $('.this #is:my(complexSelector)').doSomething(); I know that every time this line get executed, the selector is intended to match at least one element, or certain amount of elements. Is there any standard or good way to validate that? I thought about something like this: var $matchedElements = $('.this #is:my(complexSelector)'); if ($matchedElements.length < 0) throw 'No matched elements'; $matchedElements.doSomething(); Also I think unit testing would be a valid option instead of messing the code. My question may be silly, but I wonder whether there is a better option than the things that I'm currently doing or not. Also, maybe I'm in the wrong way checking if any element match my selector. However, as the page continues growing, the selectors could stop matching some elements and pieces of functionality could stop working inadvertently.

Read the article
waitin closes browsers for all projects that are building.

- by Scooter

I'm having an issue running WatiN under CruiseControl.net, where on a .forceclose, watin is closing all open browser instances. I have multiple projects running under cruisecontrol, and its not uncommon for some of those projects to be building and testing at the same time. There has been more than one occasion where watin will close the browser window for a different project, causing it to fail. In my local tests, creating my watin instance under a new process fixes this issue. But running under cruisecontrol, when doing this, I lose my IE object: Object reference not set to an instance of an object. Running CC.net as a service CC.Net server is Windows 2003 IE6 Any thoughts?

Read the article
PHP cors validation

- by Brian Putt

I have an endpoint that takes GET requests to collect data from any source that wants to send data. Is there a way to run some validation that the data is in fact coming from the sources we allowed? They enter the website url that they will be sending the data from and we generate an api key. The data is sent via a javascript file that they install onto their website. I have the Access-Control-Allow-Origin set to * as it doesn't necessarily scale to add in hundreds or more websites to that header and that in itself is a security risk as it shows anyone who wants to look at the headers who uses the script. Currently I am thinking of using the http_origin / origin referrer, but obviously that doesn't do too much

Read the article
Tabs.url is undefined

- by Notionwork

I have no clue what I'm doing wrong here! This should be working I believe. I'm writing a chrome extension and this should get the current tab's url and set the html of #current-tab to the url (for testing purposes). The code successfully gets to the callback, but it says that tab.url is undefined when I put it in an alert box, and it does not put it's value in #current-tab. Here's the code I have: $('#get-tab').click(function(){ chrome.tabs.query({"active" : true}, function(tab){ for (var i = 0; i < tab.length; i++) { alert(tab.url); $('#current-tab').append(tab.url); }; }); });

Read the article
Jmeter Query new user

- by Sri

First of all apologies for the below question. Am from a Testing background for the past 8 years and very novice to Jmeter. I went through the Jmeter site, and ran a sample recording using the jmeter.apache.org site and it went fine. I want to test my knowledge and understanding. So, I did the following way. Created a thread group. Added a config element HTTP Default Requests with server name as mail.google.com. Added a Sampler as HTTP request, set the METHOD to POST and gave the username and password, and i ran the test. When i see the Results Viewer, i could see the login page of gmail, I need to know how to pass my username and password and simulate the clicking of Submit button and getting the next page. Please help, am very new and will really appreciate if it's explained as simple as possible.

Read the article
how can cookies track users despite same origin policy?

- by user1763930

Article here discusses tactics used by political campaigns. http://www.nytimes.com/2012/10/14/us/politics/campaigns-mine-personal-lives-to-get-out-vote.html The part in question is quoted: The campaigns have planted software known as cookies on voters’ computers to see if they frequent evangelical or erotic Web sites for clues to their moral perspectives. Voters who visit religious Web sites might be greeted with religion-friendly messages when they return to mittromney.com or barackobama.com. How is that possible? I thought all modern browsers have same origin policy security where website A doesn't have access to any information about other website B, website C, etc. The article makes it sound like a user browses: 1. presidentialcandidate.com 2. website2.com 3. website3.com 4. website4.com 5. presidentialcandidate.com How can a cookie from visit #1 know track user history and be revealed in visit #5?

Read the article
What non-standard behaviour features does Gmail exhibit, when it is programmatically used as a POP3 server?

- by Mike Green

I am trying to prepare a complete list of behaviour that Gmail POP3 exhibits, that you wouldn’t expect to generally find in a POP3 server. For example, Gmail appears to ignore the DELE (delete) command from a POP3 client. Instead, it implements its own delete and archive strategy. The purpose of preparing a list is to avoid developers testing a POP3 client against the Gmail POP3 server and then assuming that all POP3 servers behave in the same way. Can anyone provide a more complete list of non-standard behaviour?

Read the article
Using TDD: "top down" vs. "bottom up"

- by Christian Mustica

Since I'm a TDD newbie, I'm currently developing a tiny C# console application in order to practice (because practice makes perfect, right?). I started by making a simple sketchup of how the application could be organized (class-wise) and started developing all domain classes that I could identify, one by one (test first, of course). In the end, the classes have to be integrated together in order to make the application runnable, i.e. placing necessary code in the Main method which calls the necessary logic. However, I don't see how I can do this last integration step in a "test first" manner. I suppose I wouldn't be having these issues had I used a "top down" approach. The question is: how would I do that? Should I have started by testing the Main() method? If anyone could give me some pointers, it will be much appreciated.

Read the article
Ruby - Is there a way to overwrite the __FILE__ variable?

- by Markus Orrelly

I'm doing some unit testing, and some of the code is checking to see if files exist based on the relative path of the currently-executing script by using the FILE variable. I'm doing something like this: if File.directory?(File.join(File.dirname(__FILE__),'..','..','directory')) blah blah blah ... else raise "Can't find directory" end I'm trying to find a way to make it fail in the unit tests without doing anything drastic. Being able to overwrite the __ FILE __ variable would be easiest, but as far as I can tell, it's impossible. Any tips?

Read the article
How to prompt for username and password entry in C# / SQL ASP.NET web app?

- by salvationishere

How do I prompt for username and password in my C#/SQL web application? This was developed in VS 2008 on a 32-bit XP. The current connection string I'm using in my web.config file is: <add name="AdventureWorksConnectionString2" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Persist Security Info=false; " providerName="System.Data.SqlClient" /> When I select Basic Authentication it pops up the warning: "The authentication option you have chosen results in passwords being sent over the network without data encryption..." How do I choose this authentication method and still send passwords over securely? So essentially I am looking for the most secure authentication method but that still requires users to input password?

Read the article

< Previous Page | 664 665 666 667 668 669 670 671 672 673 674 675 | Next Page >