Daily Archives

Articles indexed Monday April 5 2010

  • How do you protect against specific CSRF attack

    - by Saif Bechan
    I am going through the OWASP Top 10 list of 2007 and 2010. I stumbled upon Cross Site Request Forgery (CSRF); this is often called session riding, as you let the user use his session to fulfill your wishes. Now a solution to this is adding a token to every URL, and this token is checked for every link. For example, to vote on product x the URL would be: 'http://mysite.com?token=HVBKJNKL' This looks like a solid solution because a hacker cannot guess the token. But I was thinking of the following scenario (I do not know if it is possible): You create a website with a hidden iFrame or div. After that you can load my website in it, either using just the normal iFrame or ajax. When you have my website loaded hidden inside your website, and the user has a stored session, the following can be done. You can retrieve the token from the URLs, and still do all the actions needed. Is it possible to do something like this? Or is it not possible to do this cross domain?

  • page loads twice in Google chrome

    - by Cristian Boariu
    Hi guys, Does anyone have any problems with Page_Load being executed twice in Google Chrome? It's a short question, I do not know what else to explain... I have a simple asp.net page and in Firefox and IE it's all working fine. But in Chrome the Page_Load is fired twice... Does anyone have any ideas why? Later EDIT: - what is strange is that I have 4 repeaters... bound with random values. The random methods are fired twice (because of the page loaded twice) but the repeaters take the INITIAL values... so the 2nd post back is somehow raised after the rendering step. 3rd edit: It happens ONLY at the refresh!

  • javascript call url from different domain

    - by user246114
    Hi, I want to post some data via javascript to another domain. Something like: http://www.othersite.com/submitfunnyname?name=blah The other site (othersite.com) has a REST interface that you can call (well actually this is a get example) to submit a funny name to them. Can I do this already with javascript? I'm a little confused on this - I know if that service wants to return some data, I'd need to use something like JSON-P - even though here I'm submitting some data, I guess the service will return some message structure letting me know the result, so it would have to be JSON-P, right? Thanks

  • Python - How is this snippet working?

    - by orokusaki
    For some reason this function confused me: def protocol(port): return port == "443" and "https://" or "http://" Can somebody explain the order of what's happening behind the scenes to make this work the way it does. I understood it as this until I tried it: Either A) def protocol(port): if port == "443": if bool("https://"): return True elif bool("http://"): return True return False Or B) def protocol(port): if port == "443": return True + "https://" else: return True + "http://" Is this some sort of special case in Python, or am I completely misunderstanding how statements work?

  • What's the different?

    - by question_about_the_problem
    I'm not a PHP expert and I don't know what the difference (1) is between a and b. a.)eval('return "'.base64_decode("encoded_text").'";') b.)base64_decode("encoded_text") -I THINK, a is php code and b is just string. And my other question is: What is the difference (2) between c and d? c.)eval('return "'.base64_decode("encoded_text").'";') d.)eval(base64_decode("encoded_text")) So I have 2 questions. Who can answer/help? Thanks.

  • wireless networks c program

    - by Nave
    I would like to create a wireless network from a laptop. If some laptops come within this range, I would like to send them a welcome message, and when they leave the wifi range, I send them a bye message. Is it possible to code such a thing in C? Please help me out with this.

  • Asp.Net - When does it restart the application

    - by Seattle Leonard
    I know that whenever you add/remove/modify any file in the "App_Code", "App_GlobalResources", and "bin" directories that ASP.NET will recompile and essentially restart the application. My question is: "What happens to any threads currently executing during the change?" Do they finish? Is a Thread.Abort Exception thrown? What happens if the application itself makes a change in any of those directories?

  • WPF - simple relative path - FindAncestor

    - by user309392
    In the XAML below the ToolTip correctly binds to RelativeSource Self. However, I can't for the life of me work out how to get the TextBlock in the commented block to refer to SelectedItem.Description <Controls:RadComboBoxWithCommand x:Name="cmbPacking" Grid.Row="2" Grid.Column="5" ItemsSource="{Binding PackingComboSource}" DisplayMemberPath="DisplayMember" SelectedValuePath="SelectedValue" SelectedValue="{Binding ElementName=dataGrid1, Path=SelectedItem.PackingID}" ToolTip="{Binding RelativeSource={RelativeSource Self}, Path=SelectedItem.Description}" IsSynchronizedWithCurrentItem="True" Style="{StaticResource comboBox}"> <!-- <Controls:RadComboBoxWithCommand.ToolTip>--> <!-- <TextBlock Text="{Binding RelativeSource={RelativeSource Self}, Path=SelectedItem.Description}" TextWrapping="Wrap" Width="50"/>--> <!-- </Controls:RadComboBoxWithCommand.ToolTip>--> </Controls:RadComboBoxWithCommand> I would appreciate any suggestions Thanks - Jeremy

  • How to pass an anonymous array of strings to a JavaScript function?

    - by abatishchev
    I want to pass an array of controls' IDs to a JavaScript function so it will switch the controls' enabled state. For example, in C# it would be like this: func(false, new[] { "Control1", "Control2", "Control3" }); In that function I want to find the corresponding controls and disable/enable them. For one control I do this the following way: <script type="text/javascript" language="javascript"> function switchControls(value, arr) { for (var n = 0; n < array.length; n++) document.getElementById(n).disabled = value; } </script> <asp:CheckBox runat="server" onclick="switchControls(this.checked, [ '<%= Control1.ClientID %>', '<%= Control2.ClientID %>' ])" Text="Take?" /> How to implement this properly? Do I have to use jQuery?

  • Custom DataAnnotation attribute with datastore access in ASP.NET MVC 2

    - by mare
    I have my application designed with Repository pattern implemented and my code prepared for optional dependency injection in future, if we need to support another datastore. I want to create a custom validation attribute for my content objects. This attribute should perform some kind of datastore lookup. For instance, I need my content to have unique slugs. To check if a Slug already exist, I want to use custom DataAnnotation attribute in my Base content object (instead of manually checking if a slug exists each time in my controller's Insert actions). Attribute logic would do the validation. So far I have come up with this: public class UniqueSlugAttribute : ValidationAttribute { private readonly IContentRepository _repository; public UniqueSlugAttribute(ContentType contentType) { _repository = new XmlContentRepository(contentType); } public override bool IsValid(object value) { if (string.IsNullOrWhiteSpace(value.ToString())) { return false; } string slug = value.ToString(); if(_repository.IsUniqueSlug(slug)) return true; return false; } } part of my Base content class: ... [DataMember] public ContentType ContentType1 { get; set; } [DataMember] [Required(ErrorMessageResourceType = typeof (Localize), ErrorMessageResourceName = "Validation_SlugIsBlank")] [UniqueSlug(ContentType1)] public string Slug { get { return _slug; } set { if (!string.IsNullOrEmpty(value)) _slug = Utility.RemoveIllegalCharacters(value); } } ... There's an error in line [UniqueSlug(ContentType1)] saying: "An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type." Let me explain that I need to provide the ContentType1 parameter to the Constructor of UniqueSlug class because I use it in my data provider. 
It is actually the same error that appears if you try to do this on the built-in Required attribute: [Required(ErrorMessageResourceType = typeof (Localize), ErrorMessageResourceName = Resources.Localize.SlugRequired] It does not allow us to set it to dynamic content. In the first case ContentType1 gets known at runtime, in the second case the Resources.Localize.SlugRequired also gets known at runtime (because the Culture settings are assigned at runtime). This is really annoying and makes so many things and implementation scenarios impossible. So, my first question is, how to get rid of this error? The second question I have is whether you think that I should redesign my validation code in any way.

  • Deploying Excel 2003 VSTO Workbook using Sharepoint for versioning control

    - by KClough
    I have an Excel 2003 VSTO workbook that I would like to make available via SharePoint for version control. Ideally it could be checked in/out by non-developers for tweaking Excel equations, and I would be able to deploy the compiled dlls somewhere else when I need to update the managed VSTO code. I understand I may need to use some ClickOnce functionality as well so when a user first views the sheet they get all the necessary full-trust permissioning. Also, it is my understanding that for a user to use the VSTO functionality in an Excel 2003 VSTO workbook, they must have the compiled dll in their GAC; is this true? When testing I get trust exceptions otherwise.

  • Why does OpenGL have to completely break backwards compatibility?

    - by directx
    I'm not sure if this only applies to JOGL or the entire OpenGL project in general. But there seems to be a vast difference between versions 3.x and 2.x; Code that works on one version will not work on another. It looks to me like the library designers intentionally renamed various classes, packages, and functions just to screw up the existing code. I've never seen anything like this before. The problem is I'm not sure which library to use now, and when looking at code it's not so easy to figure out whether it's supposed to run on 2.x or 3.x.

  • Linking two pages using JSP

    - by jamesatha
    So, I am trying to use JSP to create a set of webpages. I want to link two pages so that if the user clicks a button in one page, it will trigger an event in the other page. Is there an efficient way to do this? I was taking a look at creating cookies and/or sessions. Any suggestions on these two methods? Thanks

  • spawn-fcgi/ fast CGi php crashes without traces in logs, on Gentoo

    - by user39046
    Hello, I recently moved from Apache to an Nginx/fastcgi solution. I had it running on a Fedora system and had no problems, but since I moved everything to Gentoo, the Spawn-fCGI / fastcgi php daemon dies, and I can't find any error reports in /var/log/messages, so I don't know why this happens. I've seen that fastcgi is somehow different from the Fedora distro on Gentoo, as it has different conf files and init.d startup scripts. Can someone help me make it more stable? The number of requests that I had isn't any different from the ones I had on Fedora, so I use the default conf that comes with the distro... and in about some hours it simply dies... Thank you very much

  • isolate web servers on intranet with dfl-800

    - by microchasm
    I administer a small network (10 users). I'm getting ready to deploy an internal webapp that will be hosted and accessed locally only. There are about 10 users on the network (192.168.111.0/24), a win2k3 server, apache (RHEL), and Mysql (RHEL), and various miscellaneous peripherals. I'd like to isolate the apache and sql boxes into a separate area of the LAN to keep things easier to maintain/grow. I've been reading about VLANs, subnets, etc. I'm not clear, however, which would be the best solution for our setup. Thanks for any tips and/or advice.

  • Offloading Cable Modem operations to Router

    - by Matt
    I may be crazy here, but I seem to recall a conversation in the past stating that it was possible to offload some of the operations taken by one's cable modem to one's router. The logic was that since the cable modem is often equipped with a cheaper processor as it is supplied by your provider, that it often chokes even crashes when you start a torrent or something else with a lot of connections. I seem to recall that some routers offered the ability to take some of the modem's operations. Is this possible or have I imagined the whole thing? I ask because my modem seems to have many issues when I start torrents.

  • The Oracle Cash Management Secret Very Few Customers Know About

    - by Theresa Hickman
    Did you know that Oracle Cash Management has a robust positioning feature? I had no idea. I was under the mistaken impression that Oracle Cash Management only did bank statement reconciliations. It seems I am not alone. In fact, many Oracle Financials customers are also not aware of this even though it is delivered for free with the Oracle Financials license. Even better, last week, Oracle released an enhancement to Oracle Cash Management for Release 12 that will greatly help customers with their cash positioning needs. As we all know, credit is tight these days. Companies need better visibility of their cash and other liquidity positions to make better use of their cash resources. Today, many customers are managing their cash positions manually using spreadsheets. We also hear how many of them are maintaining larger than normal balances in numerous bank accounts because they just do not have the visibility, and therefore the comfort they need. Although spreadsheets may work in the short-term, they are not the best way to manage your cash positions for the long-term especially if you have dozens, or even hundreds of bank and brokerage accounts. Also, spreadsheets are a lot more risky because they can be overwritten, deleted, difficult to audit, etc. With the newly enhanced positioning feature in Oracle Cash Management, customers can manage their daily cash positions using an excel-like interface that is very flexible and user-configurable. You can link the worksheet to an unlimited number of bank accounts to automatically retrieve your opening balances, the current/intra-day cash inflows and outflows, as well as your expected cash flows from your Fx, Investment and Debt positions if you have Oracle's Treasury module . Oracle Cash Management also has direct integration with Oracle Receivables, Oracle Payables, and Payroll, which adds to the comprehensive picture of what's happening with your organizations' cash in real-time. 
Here's a screen shot of what the cash positioning page looks like: As you can see, your Treasurers can obtain a holistic view of all cash positions across any number of bank accounts as well as other sources of cash flow movements. Depending on how they manage their accounts, they can also use this feature to initiate or monitor bank account sweeps or transfers between their zero balance accounts (ZBA) or cash pools. The cash position worksheet provides drill down for more detail and the ability to manually enter items directly into the worksheet for even greater flexibility and control. The enhancements to this feature were released last week. The following lists the patches for Release 12.0.6 and 12.1.1: For more information, visit the following website. http://launch.oracle.com. PIN: yes2try
