Search Results

Search found 25503 results on 1021 pages for 'browser security'.

Page 740/1021 | < Previous Page | 736 737 738 739 740 741 742 743 744 745 746 747 | Next Page >

MVC Site - Ensuring the default entry view is always correct

- by Klaptrap

I have a MVC site with AD authorization. This is all working fine. I publish the site to the webserver and call the site directly (http://intranet). If I have not logged in for a while (I have an authorised cookie with a 30 minute TTL), I am prompted to log-in and if successful I am redirected to the homeController's index view. This is great and as expected. If I keep the session open (browser open) and browse away from the site, if I then browse back to http://intranet, I am not challenged as I have recently authenticated but the default page is from a different controller and not the home page view. How can I stop this from happening? It cannot be a session setting as this is not a new session and the routes appear correct - they are not beng called at this point anyhow. Please MVC guru's advise....!

Read the article
jQuery event.stopPropagation is not working on <a>

- by HorusKol

I have the following javascript: $('#ge-display').click(function (event) { window.open('/googleearth/ge-display.php','','scrollbars=yes,menubar=no,height=650,width=1000,resizable=yes,toolbar=yes,location=no,status=no'); event.stopPropagation(); return false; }); the element with id 'ge-display' is a standard link: <a href="/googleearth/ge-display.php" id="ge-display" target="_blank">Load Google Earth Plugin (in a new window)</a> The problem is - when I take out the 'return false;' line from the click event handler, the javascript popup opens, and then another browser window opens - I thought stopPropagation() would prevent the links own click handler? I've also tried stopImmediatePropagation() - but I still need to return false to stop the default behaviour of the link.

Read the article
Safe non-tamperable URL component in Perl using symmetric encryption?

- by Randal Schwartz

OK, I'm probably just having a bad Monday, but I have the following need and I'm seeing lots of partial solutions but I'm sure I'm not the first person to need this, so I'm wondering if I'm missing the obvious. $client has 50 to 500 bytes worth of binary data that must be inserted into the middle of a URL and roundtrip to their customer's browser. Since it's part of the URL, we're up against the 1K "theoretical" limit of a GET URL. Also, $client doesn't want their customer decoding the data, or tampering with it without detection. $client would also prefer not to store anything server-side, so this must be completely standalone. Must be Perl code, and fast, in both encoding and decoding. I think the last step can be base64. But what are the steps for encryption and hashing that make the most sense?

Read the article
how JVM arguments can be passed to apps started through java webstart in macOS.

- by siva

Hi, We have a application which is triggered from browser. This application consumes around 800 mb of memory. This works perfectly when invoked from any browsers in windows OS. The same application when triggered from MacOS throws an out of memory exception which occurs when the application is short of memory. Is there any way to increase the memory allocated for apps running in mac os environment. Also please let me know how JVM arguments can be passed to apps started through java webstart in macOS. Thanks in advance Regards, Siva

Read the article
How to select saxon TransformerFactory in Java

- by pAkY88

In my web application I need to use Saxon TransformerFactory to use XSLT 2.0 but I can't use setProperty method because I haven't this right on the web server and there is a Security Manager. So i have read that it's possible to do this: Use the Services API (as detailed in the JAR specification), if available, to determine the classname. The Services API will look for a classname in the file META-INF/services/javax.xml.transform.TransformerFactory in jars available to the runtime. I found this file in WEB-INF/lib/saxon9.jar but when I istantiate a TransformerFactory is always selected default factory and not saxon factory. How can I select Saxon Transformer Factory? Thanks

Read the article
My HttpHandler doesn't want to create directory on a network

- by Daok

I use this simple line of code inside my HttpHandler: Directory.CreateDirectory(@"\\srv-001\dev\folderToCreate\"); I receive an UnauthoridezAccessException telling me that the access to the path is denied. From here, I create a little Dos application in C# doing the same thing and I was able to create the folder. So, I thought that it might be that IIS is running on a different user than myself. I went to IIS and changed the Application pool to a Custom user, myself. But, unfortunately, I got the same exception. I have try to create a Share folder on my computer and I can create directory. Also, when debugging I can see that System.Threading.Thread.CurrentPrincipal.Identity have its AuthenticationType to "", IsAuthenticated to false and name to "". So, with all those tests I can conclude that the HttpHandler that receive the file cannot create a directory because of some security access. How can I grand access to my HttpHandler to be able to create a directory (and files) to a network folder?

Read the article
asp:Login control requests

- by Dean

Hi All, ran into an issue, we are using webforms with a site with this dir structure: root: / secure : /securepages/ we only want users who are logged in to access /securepages/. currently we are using the login control, 3.5, forms auth, all is working ok but know we have thrown assl cert into the mix and the issue is that the login control is requesting WebResource.axd?d=XukT0PE1PS-iOKw3RT8Z6g2&t=633834231612265882 from the non secure url e.g. ht tp://www.mysite.com/WebResource.axd?d=XukT0PE1PS-iOKw3RT8Z6g2&t=633834231612265882 . This causes the browser to prompt the user to download unsecure content. I am using some redirecting in the global.asax to handle redirection to https://xx xxxlogin.aspx if login.aspx it requested from http://. thanks

Read the article
Has anyone got a simple step by step Mozilla plugin tutorial.

- by s1mm0t

I'm trying to create a Mozilla browser plugin for the sole purpose of detecting with javascript whether or not an application that I have written is installed. This was inspired by another stackoverflow question and answer on a similar subject. All I want really is a HelloWorld type example as what I need to write will be even simpler than that. There is a lot of information on the Mozilla website, but as a plugin noob and a C++ novice I'm experiencing information overload. I just need a step by step "this is how to create your first simple plugin". I have already written the IE equivalent by following this ATL tutorial. This is the kind of level of guide that I would ideally like to find. Please note, this is specifically about Mozilla plugins and not extensions - Googling this subject brings up a lot of information about extensions in addition to plugins.

Read the article
routing problem in codeigniter

- by Obay

I'm new to CodeIgniter and routing. I have a Login controller whose index() loads up a view to enter a username/password. In the view, the form has action="login/authenticate". Login-authenticate() determines if the login is valid or not. If it's valid, redirect('lobby'), if not redirect('login') routes.php: $route['default_controller'] = "login" config.php: $config['base_url'] = "http://localhost/dts/"; $config['index_page'] = "index.php"; The problem is that when i go to http://localhost/dts/ , click login, I am correctly (?) redirected to http://localhost/dts/login/authenticate but the browser says Object not found!. But when I go to http://localhost/dts/index.php/ (with trailing slash), it works correctly (I get redirected to http://localhost/dts/index.php/login/authenticate, and am logged in) I tried removing "index.php" by using a .htaccess: RewriteEngine on RewriteCond $1 !^(index\.php|images|robots\.txt) RewriteRule ^(.*)$ /index.php/$1 [L] and it would no longer open even the http://localhost/dts/ I'm confused.. what's going on?

Read the article
How to fetch message body and attachments in XML format from Lotus Domino server from linux using ph

- by too

Has anybody some information about accessing Lotus Domino server to fetch entire mail contents by http(s) requests from php linux server? The article by Andrei Kouvchinnikov describes well how to fetch message list in notes mail folders; after obtaining session id during login one can for example select top 100 messages by calling: https://your.server.domain/mail_db/mailbox.nsf/($Inbox)?ReadViewEntries&Start=1&Count=100 And this works perfectly. The arises when I am trying to get message contents (0A1DA5EEB7B65277C12576F50055D811 is an example message unique Id): https://your.server.domain/mail_db/mailbox.nsf/($Inbox)/0A1DA5EEB7B65277C12576F50055D811/?OpenDocument Such request in IE shows frameset with data hard to parse, in less common browsers like Opera it informs about unsupported browser. Ideally if it is possible to fetch notes message contents and all attachments by requesting it in the url, has anybody some information what request would it be? Link to Lotus web calls reference would be even more beneficial.

Read the article
How to determine the Window size in IE for a window to be opened from the COM API?

- by stwissel

I'm using the IE control embedded in an application. Works as advertised. When a user opens a new browser window I intercept the NewWindow2 event and force it into a new tab. However for a certain class of windows I want to allow a popup. Most notably a few windows legacy applications that use popup windows instead of Ajax for Date or Name pickers. How can I figure out that a window was requested by JavaScript window.open(...) or with a specific size? Thx for helping.

Read the article
What is prefered method to set consistence font-size and line height for website using em?

- by metal-gear-solid

What is the best method to set cross-browser consistence typography (font-size and line height) for whole site using em for Fixed width {Width:970px}, centered website? I usually get design from client with multiple font size and line heights at various places in design. for some good reason i still use em without getting nested element problem and font-size inconsistencies in IE and others. then after setting how to manage and update easily ,and how to calculate ems I want to set easily manageable font sizes and I want to set Line height manually (because it can be different for various places in design. And for which things we should define line-height or for which not? How to set font-size and line-height to get consistent result. and if i'm using em for font-sizing then should i also use bottom-margin of h1, p, li etc in em? HTML {} BODY {} P {} a {} ul li a {} ul li ul li a {} p img {float:left} td,th { }

Read the article
Creating a Web Wrapper for COM and OCX

- by balexandre

Hi guys, Today we have a windows application that, using an OCX, creates a web page (visible by a WebBrowser control in a small .NET WinForm application) and communicates through COM to the main application/client. (not relevant but this is Pascal) I'm currently responsible to re create this application in a web environment so we can have the same functionality shared through Web as the user can see the same in a Web Browser. The Windows application has almost 4 years on it and I need to re create everything from scratch, and all the bugs/features find in the future in the Windows Application I have to re create them again in the Web... Ohh well, you can see where this will end. I was thinking... is there any way I can create a Wrapper, even using 3rd party commercial objects, to: Communicate with the COM Object Can expose the content of the OCX (this in my most confortable language, ASP.NET C#, but other are welcome) I was thinking out loud, can this be accomplish with a Java Applet? Any ideas or any point to the right road will be appreciated.

Read the article
Debugging feature activation in SharePoint 2007

- by Eric U.

I have a SharePoint feature that is activated under 'Site Collection Features' that is having some issues being activated. I've activated it through the stsadm as well as the SharePoint UI, both unsuccessful. The feature toggles from deactivated to activated, but the result that should be there is not. The result is some pages that should be created. So my question is does anyone know of a way to step through the activation of features process? I'd like to be able to attach Visual Studio 2008 to the browser and step through a few breakpoints that I've set. I've narrowed the error down to the FeatureReceiver's FeatureActivated(SPFeatureReceivrProperties properties) Pages that I've been referencing: http://msdn.microsoft.com/en-us/library/ee231550.aspx http://blogs.msdn.com/b/sharepoint/archive/2007/04/10/debugger-feature-for-sharepoint.aspx

Read the article
Prevent password leakage while using sql* loader

- by Jai

I have shell script calling Sql*loader utility which inturn uses username/password as arguments. This details cannot be stored on server in any form due to security related policies. i got 2 approaches to handle this situation, 1. create hidden parameter file with login details and limit the access to owner. again the implication is i cannot store login data in any format on server 2. Create the user as OS authenticated and straight away login into sql without any userid/password I am not able to figure out risks involved in 2nd approach which u experienced folks could have come across. let me know if there is any other approach to handle password leakage issue

Read the article
Verify windows log-in via smart card

- by Ronen Rabinovitz

Hi I need to verify in my WPF application if the user log in to his computer via password or via smart-card. Both login options are available in my company clients but my application need to open only in the smart-card login. All the clients are windows 7 OS. I look at some sites: http://technet.microsoft.com/en-us/library/ff404285(v=ws.10).aspx http://www.codeproject.com/Articles/240655/Using-a-Smart-Card-Certificate-with-NET-Security-i and I'm thinking I need to get the enhanced key usage (EKU) attribute field. If the EKU is empty = then the user was loged via password and not via smartcard. I only need this simple check, I do not care for creating/validations on certificates atc.

Read the article
Cross Domain Scripting Issues & JSONP

- by DaveDev

Our Client requires that we supply Widgits for their site. They want to link to us to get Html & the jQuery required to manipulate the Html and do asynchronous requests. I understand that there are cross-domain security limitations that would prevent this from being a possibility, but that some of those limitations are aleviated by using JSONP as the data transfer format. I'm finding it difficult in finding an explanation of what's possible in the context of what I'm trying to achieve. Could somebody please fill me in?

Read the article
Recording SELECT statements in PostgreSQL 8.4

- by David Anniwell

Hi All I've got a table which contains sensitive data and according to data protection policy we have to keep a record of every read/write of the data including a row identifier and the user who accessed the table. The writing is no issue using triggers but obviously triggers aren't supported for SELECT statements. What's the best method of doing this? I've looked at rules but I can't get them to INSERT into a table, and I've tried logging every query but this doesn't seem to log SELECT statements. Ideally for security I'd like to keep the log within a table on the database but logging to a file is fine too. Thanks David

Read the article
How do I change a Git remote HEAD to point to something besides "master"

- by jhs

Short version: How do I set a Git remote's HEAD ref to point to something besides "master"? My project has a policy not to use a "master" branch (all branches are to have meaningful names). Furthermore, the canonical master repository is only accessible via ssh://, with no shell access (like GitHub or Unfuddle). My problem is that the remote repository still has a HEAD reference to refs/heads/master, but I need it to point to a different branch. This is causing two problems: When cloning the repo, there this, warning: remote HEAD refers to nonexistent ref, unable to checkout. That's confusing and inconvenient. The web-based code browser depends on HEAD as a basis for browsing the tree. I need HEAD to point to a valid branch, then.

Read the article
How to run infinitely script in background on Linux?

- by Andrew Bashtannik

I have a PHP script with infinite loop. I need this script running forever. So, I run php /path/to/script.php > /dev/null & And it works in background in my current user's security context. But when I close terminal window (log off), of course, CentOS Linux kills my program. I see two guesses: run from a different user in background or make a daemon. I need help in each situation. Thanks a lot!

Read the article
Is there anyway to prevent onbeforeunload event from triggering when using internet explorer

- by newName

I have a function that is suppose to trigger when user closes their browser and I have put the code in the "window.onbeforeunload" function. The thing is every time if I reloads the page in Internet Explorer, the onbeforeunload event will also trigger which is a problem because I only wants it to trigger only when the user closes or navigates away from the current page but not on a page refresh/reload. Therefore I'm not sure if onbeforeunload is intended to trigger even on a page refresh/reload and if it is intended to, then is there another way to work round it? Thanks

Read the article
How to store user preferences? Cookie becomes bigger..

- by ari

My application (Asp.Net MVC) has great interaction with the user interface (jQuery/js). For example, setting various searches charts, moving the gadgets on the screen and more .. I of course want to keep all data for each user. So that data will be available from any page in the Dumaine and the user will accepts his preferences. Now I keep all data in a cookie because it did not seem logical asynchronous access to the server each time the user changes something and thet happens a lot.When the user logout from the application I save the cookie to the database. The problem is the cookie becomes very large. The thought that this huge cookie is attached to each server request makes me feel that my attitude is wrong. Another problem cookies have size limit. It varies from your browser but I definitely have been close to the border - my cookie easily become 4kb Is there another solution?

Read the article
How to made my background image strech if I dynamicaly insert DIV in the middle of the page

- by Alain

Hi, I have a background image which I apply to the body. The image is only in the bottom and stretch to the entire width of the page. The image is 1 X 320 px. body { background-image: url("../images/bg-main.gif"); background-position: 0% 100%; background-repeat:repeat-x; } The rest of my web site is in 1024 X 768 resolution. It works perfectly until I dynamically insert a new DIV in the middle of the page using javascript. It cause the browser scroll bar to appear and when I scroll down to the bottom, I can see the image stopping right at it's original position. How can I make my image get down again without reloading the page ??? I'm using the EXTJS framework to avoid reloading the page... Thanks Alain

Read the article
How can I embed a PDF in a Word Doc, and access that PDF with VBA?

- by Austin R

I have a word doc with some ActiveX buttons on it. When one of these buttons is pressed, a UserForm pops up with a corresponding PDF displayed, like so: This is exactly the behavior I want. However, the problem is that for this to work, the user of the word doc needs to have each of the PDFs saved on their machine as well. Here's the code for one of the buttons: Private Sub AC1Button_Click() DisplayForm.AcroPDF1.LoadFile ("C:\Users\arose\Desktop\Security Control Doc\Sub PDFs\AC1.pdf") DisplayForm.Show End Sub As you can see, the path is hardcoded in. I need to be able to distribute this word doc without needing to distribute a bunch of PDFs along with it, so is there any way to embed PDFs in a word document in such a way that they're accessible by VBA? I've discovered here that it's reasonably easy to embed a PDF in any office doc. And I've tried that: But I can't figure out how to access that PDF object in my VBA code, in order to display it on the UserForm. Any insight is appreciated, thanks!

Read the article
Is writing eSQL database independent or not?

- by Robert Koritnik

Using EF we can use LINQ to read data which is rather simple (especially using fluent calls), but we have less control unless we write eSQL on our own. Is writing eSQL actually data store independent code? So if we decide to change data store, can the same statements still be used? Does writing eSQL strings in your code pose any serious security threats similar to writing TSQL statements as plain strings in C# code? That's why SPs are recommended. Could we still move eSQL scripts outside of code and use some other technique to make them a bit more secure?

Read the article

< Previous Page | 736 737 738 739 740 741 742 743 744 745 746 747 | Next Page >