Search Results

Search found 30819 results on 1233 pages for 'software security'.

Page 856/1233 | < Previous Page | 852 853 854 855 856 857 858 859 860 861 862 863  | Next Page >

• Pass HTML form entries into a Javascript array to then be written to a client side cookie?

  - by Tom

  I'm building a bit of a test-case JS application, something very basic, but have run into some problems. I'm trying to use a HTML form for a user to enter a number, which is then written to a Javascript Array. The user then has the option to write that same array to a local (client side) cookie. (I understand the security implications of this - it's a test-case and not for commercial use.) However, I can't make the connection - how can I capture the HTML entry, press 'submit' which will send it to a JS array, where the user can then press a different 'submit' which will write the array to a text file? If anyone can help I'd appreciate it because it's been nearly 6 hours and it's not funny anymore.

  Read the article

• buffer overflow with boost::program_options

  - by f4

  Hello, I have a problem using boost:program_options this simple program, copy-pasted from boosts' documentation : #include <boost/program_options.hpp> int main( int argc, char** argv ) { namespace po = boost::program_options; po::options_description desc("Allowed options"); desc.add_options() ("help", "produce help message") ("compression", po::value<int>(), "set compression level") ; return 0; } fails with a buffer overflow. I have activated the "buffer security switch", and when I run it I get an "unknown exception (0xc0000409)" when I step over the line desc.add_options()... I use Visual Studio 2005 and boost 1.43.0. By the way it does run if I deactivate the switch but I don't feel comfortable doing so... unless it's possible to deactivate it locally. So do you have a solution to this problem? EDIT I found the problem I was linking against libboost_program_options-vc80-mt.lib which wasn't the good library.

  Read the article

• Best practice for partial updates in a RESTful service

  - by magiconair

  I am writing a RESTful service for a customer management system and I am trying to find the best practice for updating records partially. For example, I want the caller to be able to read the full record with a GET request. But for updating it only certain operations on the record are allowed, like change the status from ENABLED to DISABLED. (I have more complex scenarios than this) I don't want the caller to submit the entire record with just the updated field for security reasons (it also feels like overkill). Is there a recommended way of constructing the URIs? Do I use GET, POST, PUT or is there no agreed way of doing these kind of things? When reading the REST books RPC style calls seem to be frowned upon. Thanks Frank

  Read the article

• How to preload local javascript everytime a new tab or page is opened?

  - by Klerk

  I would like to autoload a local javascript file, everytime a new page/tab is opened in a browser. I tried the bookmarklet approach, but it gets tiresome as the button needs to be pressed everytime a new page/tab is opened. Chrome extensions also seem to work along the same lines (where you have to press an icon to run the js). Googling for javascript and preload seems to return everything except what I am looking for. Is there a browser indepent way of autoloading (no user action required) a local js file? If not, any browser specific info to do this would be appreciated (even if they mean reducing security by turning off required options). Thanks!

  Read the article

• Rails3 and safe nl2br !

  - by arkannia

  Hi, I have a system for the users to be able to post comments. The comments are grasped into a textarea. My problem is to format the comments with br tag to replace \n In fact, i could do something like that s.gsub(/\n/, '<br />') But the xss protection including in rails escapes br tags. So i could do this s.gsub(/\n/, '<br />').html_safe But then, all the tags are accepted even script.... causing a big security problem So my question is : how to format text with br safely ? Thanks EDIT: For now, i have add this def sanitaze self.gsub(/(<.*?>)/, '') end def nl2br self.sanitaze.gsub(/\n/, '<br />').html_safe end

  Read the article

• PHP CHECKBOX Array Issue

  - by Val

  I have a list of checkboxes like you would see in most email clients (You tick a box press delete then it deletes an email). <input type="checkbox" value="yes" name="box[]" /> The problem stands here ... print_r($_POST['box']);//Returns nothing at all ... var_dump($_POST['box']);// returns null... I was reading something about register globals that php5 has turned it off for security reason. Does anyone know what my options are ?

  Read the article

• Running a Java process in Windows even after the user is logged out

  - by Mani

  I have a batch file that starts a Java process in a Windows 2003 server. As per the security policy, the users of that machine are logged off forcefully, if the user is inactive for a certain period of time. The problem is that when the user is logged out, the process also dies. I scheduled a new task (Control Panel - Scheduled Tasks) and selected the option of 'When my computer starts' and gave the user account details there. But it doesn't seem to have any effect, the user is still logged out and the process dies. Is a reboot necessary to make this change effective? And after the reboot, will I achieve what I'm expecting (keeping the process alive)? Alternatively, will running this process as a Windows Service solve the problem? If so, can you please let me know how I can make a Java program or a batch file to run as a Windows Service? I would prefer not to use any other third party tools or libraries. Thanks

  Read the article

• WCF: connecting to service over internet times out

  - by Shaul

  Still on the WCF learning curve: I've set up a self-hosted WCF Service (WSDualHttpBinding), which works fine on my own computer, which resides behind a firewall. If I run the client on my own computer, everything works great. Now I installed the client on a computer outside my network, and I'm trying to access the service via a dynamic DNS, like so: http://mydomain.dyndns.org:8000/MyService. My port forwarding issues were taken care of in a previous question; I can now see the service is up in my browser. But now when I try to run the client on the other machine, I get the following error message: "The open operation did not complete within the allotted timeout of 00:01:00. The time allotted to this operation may have been a portion of a longer timeout." I have disabled security on the service, so that's not it. What else might be preventing the connection from happening?

  Read the article

• Taking web page screen shot in Windows 8 Metro app

  - by Megan

  I'm trying to take screen shot of web page in Windows 8 Metro app. So far the only helpful control is the WebView. Unfortunately it does not contain any method like DrawToBitmap (known from Forms WebBrowser control). Am I missing something? Different approach would focus on injecting some JS (e.g. html2canvas) to page rendered in WebView but I don't think it is possible due to security reasons. I would greatly appreciate any help.

  Read the article

• Symfony 2 - UrlGenerator::doGenerate is called before listener

  - by guyaloni

  I want to add to the context a parameter, so when login is called I can use it in the route (similar to _locale). I can add this piece of code in HttpUtils.php (as resetLocale), but i don't find it very clean. The reason I need it is the firewall redirection to the login controller, which I would like to have in its route a customized parameter. My problem is that my listener is called after UrlGenerator::doGenerate is called, so I get a MissingMandatoryParametersException. Here is my config.yml relevant code: services: mycompany.demobundle.listener.request: class: MyCompany\DemoBundle\RequestListener arguments: [@router, @security.context] tags: - { name: kernel.event_listener, event: kernel.request, method: onKernelRequest } Any idea???

  Read the article

• Silverlight 3 and System.ServiceProcess - Doesn't allow the reference to be added.

  - by Brad8118

  I'm trying to write a program that can stop and start services using SilverLight 3 and VS2010. I can't add the reference to the System.ServiceProcess dll. C:\Windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll 1st why? - It it just a security precaution? 2- Is there a work around? Does SilverLight have a different library that I can use to start and stop services. Also note that this is a desktop application and not a web app. It will be sitting on my desktop to toggle services on and off.

  Read the article

• Other SecurityManager implementations available?

  - by mhaller

  Is there any other implementation (e.g. in an OSS project) of a Java SecurityManager available which has more features than the one in the JDK? I'm looking for features like configurable at runtime policies updateable at runtime, read from other data sources than a security.policy file Thread-aware, e.g. different policies per Thread Higher-level policies, e.g. "Disable network functions, but allow JDBC traffic" Common predefined policies, e.g. "Allow read-access to usual system properties like file.encoding or line.separator, but disallow read-access to user.home" Monitoring and audit trace logging, e.g. "Log all file access, log all network access going NOT to knownhost.example.org" Blocking jobs "requesting" a permission until an administrator grants permission, letting the thread/job continue ... I'm pretty sure that application servers (at least the commercial ones) have their own SecurityManager implementation or at least their own policy configuration. I'm wondering if there is any free project with similar requirements.

  Read the article

• "SQL Server does not exist or access denied." upon VB.Net Deployment

  - by JasonMHirst

  Have built a small VB.Net app in VS2010. The connection string to the SQL Server is as follows: <connectionStrings> <add name="IWSR_DataDownloadWizard.My.MySettings.sqlConnection" connectionString="Provider=SQLOLEDB.1;Data Source=SQLServer;Integrated Security=SSPI;Initial Catalog=IWSROL" providerName="System.Data.OleDb" /> </connectionStrings> Within the VS2010 environment AND on my machine, the connection works perfectly, however when I deploy to clients I get an error message of: [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied. I've tried to search the net for solutions, have seen a few instances of people saying to NOT use the Server Name but the IP Address instead (this doesn't work) and some saying to remove the "Provider=SQLOLEDB.1", again this doesn't work. Can anyone suggest a solution please? Further information: Development System is Windows7 using VS2010 Deployment systems are a combination of Windows XP, Windows 2000 and Windows 7 SQL Server is SQL2000 (soon to be SQL2005). TIA

  Read the article

• Error in executing

  - by Saranya.R

  Hi........ I am interested in sending tweets using Java program.I wrote the following prgram.It doen't show any error in compiling.But while executing it shows "Exception in thread "main" java.lang.NoClassDefFoundError: hi Caused by: java.lang.ClassNotFoundException: hi at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:252) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) Could not find the main class: hi. Program will exit." This is my code.. package twitter; //import java.lang.object; import net.unto.twitter.*; import net.unto.twitter.TwitterProtos.Status; public class hi { public static void main(String args[]) { Api api = Api.builder().username("usename").password("password").build(); api.updateStatus("This is a test message.").build().post(); } } Can anybody help me ..Pls

  Read the article

• Can a signed Java Applet/Web Start manipulate content in a cross-site IFRAME?

  - by etoleb

  Is it possible for a signed Java Applet or Web Start app to write to the DOM of an IFRAME under a different domain? Does the fact that they're a signed applet/javaws allow them to ignore browsers' standard cross-browser security? If this does work, how well is it supported across the major browsers? Thanks! EDIT: My motivation is to add a browser plugin-like tool to third-party websites I don't control. It's not required that I use Java at all---any ideas or suggestions are encouraged.

  Read the article

• saving appengine mail from spam filters

  - by Fh

  One of my clients uses Trend Micro InterScan Messaging Security to protect their internal mail services. Suddenly InterScan decided to filter out all messages coming from Google App Engine. Unfortunately they haven't been able to whitelist the sender address as each e-mail gets a different one. For example, *3ckihSOVMMHlZHSL.JSMMHlZHSL.JS*@apphosting.bounces.google.com, with everything before the @ being variable. Update I'm including this screenshot of how Interscan sees the incoming e-mail. Notice that all senders are different: If I look into the e-mail headers, the apphosting domain appears inside the Return-Path field: Return-Path: <36kSiSwYIBh0883XL3E7.5EH883XL3E7.5E@apphosting.bounces.google.com> The "From" field looks ok. It says what I set it to say, but the spam filter only looks at the Return-Path. My client sysadmin doesn't want to whitelist the whole apphosting domain, as it wouldn't be only whitelisting my application. How could I bypass this e-mail filters if I can't get an unique sender? Thanks,

  Read the article

• Cannot connect via HTTPS in Java app on MacOSX (Certificate validation issue)

  - by johnnyx

  I have a java application that connects to a webservice over https. The domain where i host the webservice has a valid Goddaddy issued SSL certificate. The application works fine on Windows but on MacOSx i receive the following exception when attempting to connect to the webservice via https. sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I've tested it on two machines running Mac OS X 10.7.2 with the latest java runtime updates. I understand this is usually a problem with self signed certificates that need to be added manually, but i have a valid Godaddy issued certificate. In webbrowsers (safari & firefox) on mac os the certificate is recognized and seems ok. I even tried adding the certificate to the key chain manually like in the gase of a self signed one but to no result.

  Read the article

• Nhibernate.Bytecode.Castle Trust Level on IIS

  - by jack london

  Trying to deploy the wcf service, depended on nhibernate. And getting the following exception On Reflection activator. [SecurityException: That assembly does not allow partially trusted callers.] System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed) +150 System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) +0 System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) +86 System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) +230 System.Activator.CreateInstance(Type type, Boolean nonPublic) +67 NHibernate.Bytecode.ActivatorObjectsFactory.CreateInstance(Type type) +8 NHibernate.Driver.ReflectionBasedDriver.CreateConnection() +28 NHibernate.Connection.DriverConnectionProvider.GetConnection() +56 NHibernate.Tool.hbm2ddl.SchemaExport.Execute(Action`1 scriptAction, Boolean export, Boolean justDrop) +376 in IIS configuration service's trust level is Full-trust also application's web config's trust level is full. how could i make this service in working state?

  Read the article

• Windows Platform Installer fails during Orchard Installation

  - by nullnvoid

  I'm attempting to install Orchard 1.0 on a Windows 7 box. It has only just been released. I downloaded and installed the Windows Platform Installer and attempted to install Orchard. The error message is just that the application has stopped working and asks if I want to debug or close the application. The event log contains a single error: "The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing." I tried installing MVC3 and it worked without issue. Has anyone experienced a similar problem?

  Read the article

• Code First entity framework connection string

  - by Suneel Dixit

  I have 3 class projects in my solutions. 1. MVC4 project 2. Domain 3. Tests In the MVC4 project I have added a web.config file with the connection string as <add name="EfDbContext" connectionString="Data Source=.;Initial Catalog=SportsStore;Integrated Security=true;" providerName="System.Data.SqlClient"/> I have a class by name EfDbContext in Domain project which inherits DbContext. When I view the website in browser, I get the server not found error. I debugged the EfDbContext class and found that the Database.Connection.ConnectionString is set to \SqlExpress with database as EfDbContext. Why is that?

  Read the article

• double authentication issue on IIS / Report Server (SQL server 2008)

  - by Vinzz

  Hi, On a 2003 server box, with SQL server 2008 installed (ReportServer deployed in IIS mode), I've got a virtual directory within IIS with it's security set to 'windows authentication', with the following html code: <body> <h1>test</h1> <iframe src="/reportserver" witdh="50%" height="50%" /> </body> From the outside, I've got a first login/pwd box displayed to access the html code, then a second one to display the content of the iframe. On the same type of server, but with SQL Server 2005, I don't have this issue (i.e. only one login box). My thought is that the first token should give acces to both the page and the iframe, isn't it? Any hints on how to setup the reportserver to fix this? thanks.

  Read the article

• PHP and MySQLi close()

  - by Theopile

  Hello all. I am new to mysql and php, but am attempting to make my own cms to help make managing my websites easier. Can someone explain the mysqli's close() function. 1)Is it nesseccary? 2)What exactly does it do? 3)I heard that after php runs its script that it closes the connection, is that true? 4)Lastly, is there a security issue when not closing your connection to the database? Thanks

  Read the article

• a direct, simple api to run as system?

  - by fejesjoco

  Suppose a program is running with elevated privileges already, and it needs to see the contents of the System Volume Information folder, and by default, only NT Authority\System can do that. A workaround would be to change ACL's on the folder, but I don't want to mess with that. I already found two ways to do it: the task scheduler and psexec. They are too indirect, I don't even need to describe the first one, and the second one works by installing a windows service, running it, telling it to run whatever I wanted to run, then uninstalling the service. Now the question is: is there a direct, simple WinAPI function to run something as system? I don't think that such an API would circumvent the security restrictions, as an administrator I have the right to schedule a task or install a service, so there must be a shortcut.

  Read the article

• Does Exchange have ability to run hidden mailboxes?

  - by MadBoy

  Hello, Title of my question may sound a little bit odd but I was thinking if Exchange 2010 or 2007 or any program that would work in conjunction with Exchange has ability to create this structure: Users having their normal mailboxes connected and using them as everyone would in Outlook 2003/2007/2010. Users having additional mailboxes (from old Exchange 2003) attached but hidden on demand of Administrator. For example administrator could easy disable them just like they never been attached making them invisible to users and everyone else. Would be good if such mailboxes could be easily removed out of system (lets say on external drive) by simple step not manual job for 100 mailboxes. Users without ability to copy/move their mails to outside storage (like a local .pst file)? Do you guys have any suggestions on this? I was thinking maybe using public folders but this seems like overkill and not really suited for this. And please don't ask me why I need this type of security (it's not something I requested).

  Read the article

• file_get_contents() returns "failed to open stream" when hitting HTTPS

  - by TMC

  file_get_contents() is returning "failed to open stream" when I call it on an HTTPS URL. Warning: file_get_contents(https://google.com) [function.file-get-contents]: failed to open stream: No error in E:\\htdocs\callback3.php on line 5 Same call will work with a non-SSL URL. At first, I thought it was a security issue with my webhoster, but I have verified with phpinfo() that allow url open is indeed allowed. I have also tried this code and verified it works: Anyone have any ideas why file_get_contents() is failing with an HTTPS URL? update: People correctly pointed out this was an HTTPS issue. My webhoster claims this should work, and has no idea how to resolve this. Anyone have specific directions I can give them for their IIS7 setup?

  Read the article

< Previous Page | 852 853 854 855 856 857 858 859 860 861 862 863  | Next Page >