Search Results

Search found 11985 results on 480 pages for 'legal issues'.

  • Security of executing a command from php

    - by Nicolò Martini
    I'm writing a web application in which I use several third-party commands, calling them with the exec function in PHP (for example, I render LaTeX formulas through a command-line program). My question is: what are the security issues of executing external command-line programs in PHP? What do I have to be aware of? Can you give me a list of points to check? Thanks in advance.

  • What am I missing in this ASP.NET XSS Security Helper class?

    - by smartcaveman
    I need a generic method for preventing XSS attacks in ASP.NET. The approach I came up with is a ValidateRequest method that evaluates the HttpRequest for any potential issues, and if issues are found, redirect the user to the same page, but in a way that is not threatening to the application. (Source code below) While I know this method will prevent most XSS attacks, I am not certain that I am adequately preventing all possible attacks while also minimizing false positives. So, what is the most effective way to adequately prevent all possible attacks, while minimizing false positives? Are there changes I should make to the helper class below, or is there an alternative approach or third party library that offers something more convincing?

        public static class XssSecurity
        {
            public const string PotentialXssAttackExpression = "(http(s)*(%3a|:))|(ftp(s)*(%3a|:))|(javascript)|(alert)|(((\\%3C) <)[^\n]+((\\%3E) >))";

            private static readonly Regex PotentialXssAttackRegex = new Regex(PotentialXssAttackExpression, RegexOptions.IgnoreCase);

            public static bool IsPotentialXssAttack(this HttpRequest request)
            {
                if(request != null)
                {
                    string query = request.QueryString.ToString();
                    if(!string.IsNullOrEmpty(query) && PotentialXssAttackRegex.IsMatch(query))
                        return true;
                    if(request.HttpMethod.Equals("post", StringComparison.InvariantCultureIgnoreCase))
                    {
                        string form = request.Form.ToString();
                        if (!string.IsNullOrEmpty(form) && PotentialXssAttackRegex.IsMatch(form))
                            return true;
                    }
                    if(request.Cookies.Count > 0)
                    {
                        foreach(HttpCookie cookie in request.Cookies)
                        {
                            if(PotentialXssAttackRegex.IsMatch(cookie.Value))
                            {
                                return true;
                            }
                        }
                    }
                }
                return false;
            }

            public static void ValidateRequest(this HttpContext context, string redirectToPath = null)
            {
                if(context == null || !context.Request.IsPotentialXssAttack()) return;

                // expire all cookies
                foreach(HttpCookie cookie in context.Request.Cookies)
                {
                    cookie.Expires = DateTime.Now.Subtract(TimeSpan.FromDays(1));
                    context.Response.Cookies.Set(cookie);
                }

                // redirect to safe path
                bool redirected = false;
                if(redirectToPath != null)
                {
                    try
                    {
                        context.Response.Redirect(redirectToPath,true);
                        redirected = true;
                    }
                    catch
                    {
                        redirected = false;
                    }
                }
                if (redirected)
                    return;

                string safeUrl = context.Request.Url.AbsolutePath.Replace(context.Request.Url.Query, string.Empty);
                context.Response.Redirect(safeUrl,true);
            }
        }

  • How to specify the Event Log Source where ASP.NET writes unhandled exceptions?

    - by Knagis
    By default ASP.NET writes any unhandled exception to the default ASP.NET X.Y.Z.0 event log source. Is it possible to specify either configuration that the events and exceptions for a particular application has to be logged in a specific event log Source? The reason is that I would want all issues directly related to my application to be stored in a separate event log category that can then be filtered against.

  • Use of infix operator hack in production code (Python)

    - by Casebash
    What is your opinion of using the infix operator hack in production code? Issues: The effect this will have on speed. The potential for clashes with an object with these operators already defined. This seems particularly dangerous with generic code that is intended to handle objects of any type. It is a shame that this isn't built in - it really does improve readability.

  • Are Visual Studio Express and SharpDevelop Project Interchangeable?

    - by Luminose
    I'm starting to learn WPF and currently use Visual Studio Express 2010 at home. I want to be able to work on my projects at work but I am unable to install any unauthorized software on my computer. I downloaded SharpDevelop 4 and changed it so I can run it from my USB drive. SharpDevelop will open Visual Studio projects but are there any issues I should be aware of?

  • How do you determine an acceptable response time for DB requests?

    - by qiq
    According to this discussion of Google App Engine on Hacker News, A DB (read) request takes over 100ms on the datastore. That's insane and unusable for about 90% of applications. How do you determine what is an acceptable response time for a DB read request? I have been using App Engine without noticing any issues with DB responsiveness. But, on the other hand, I'm not sure I would even know what to look for in that regard :)

  • Experience with Coderush XPress and Visual Studio 2010?

    - by HumerGu
    It is possible to use CRX with VS 2010: http://stackoverflow.com/questions/1441554/can-i-use-coderush-xpress-in-visual-studio-2010 Refactor Key works. (After assigning the shortcut) What doesn't work is QuickNav and QuickFileNav. The standard shortcut for QuickFileNav is CTRL+ALT+F, which conflicts with VS View.F#Interactive. But removing this shortcut or changing the shortcuts for QuickNav and QuickFileNav doesn't bring up the nav-windows. NextReference (TABULATOR) doesn't work. Any solutions? Other issues?

  • Using NDbUnit with tables that have a table schema

    - by KevinT
    I am having issues using NDbUnit with tables that have their own schema - ie: CREATE TABLE MYSCHEMA.MyTable01 ( Id int NOT NULL, Description varchar(50) NOT NULL ) Is this a supported scenario? What do I need to do to get this to work? (working fine when the table is dbo.MyTable01)

  • Midlet signing issue

    - by abc
    Hello, please check this. It's not reposting. It's just to focus more people on the problem. http://superuser.com/questions/135198/code-signing-issues

  • Changing the style of a Combo-Box in WPF (in Blend preferably)

    - by George Sealy
    I'm having some issues trying to change the look / style of a combo box in Expression Blend / WPF. While there are tutorials out there describing setting styles for buttons, there seem to be a few wrinkles with ComboBox controls. Can anyone offer any advice, or point me towards good tutorials that cover re-styling something more complex than a button?

  • Error When running asp.net Application in IIS

    - by Nandini
    Hi, I have an application in ASP.NET. I configured it in IIS. When I run this application in IIS I get an error: Server "/" error: Resource Cannot be Found Error:404. Only some of the pages produce this issue. Other forms are working perfectly. Without running the application in IIS it works perfectly. If anyone can answer, please send the answer immediately. Thank you

  • XNA/C# Game Settings (Menu?)

    - by PCAddict
    It's my first time trying to make anything really interesting in C# and I was trying to make a simple form or game screen where the user could define a custom resolution/screen ratio etc. or to automatically detect the max screen size/ratio and output? It's my first game, so I was wondering if it was possible or if there would be any major issues with such, rather than just setting it to 1366x768 (the resolution of all of my computers). Thanks in advance for any assistance.

  • How to send emails with a Return Path in .net 3.5

    - by Haroon
    Can anyone guide me on how I can send emails with a return path in ASP.NET 3.5 / C# 3.5? I know this was possible a few years back but now due to spoofing issues this is not possible. I have been looking on the internet but no use. I want the emails, if bounced, to reach my bounce mailbox, which could be like [email protected]. Please guide. Really stuck ... Best regards, Haroon

  • Moving the Windows 7 Pro OEM image to computer with the same hardware

    - by SWin
    We bought 8 clean computers (even without HDD) with the same hardware and bought eight Windows 7 Pro OEM disks. Now I prepare one Win7 installation without activation but with all required programs, settings, etc. Then I'm going to clone the image to the other computers even without sysprepping. I'm going to change the product key to the legal number on the COA sticker on each computer and do the activation through the Internet. Will this scenario work? I know that the OEM license agreement forbids image cloning and the actions I'm going to take break the agreement. According to the license agreement I should do a manual clean install of Win7 on each computer. But how can Microsoft and other viewers determine the cloning fact? All computers are the same and the licensed Win7 DVDs are also the same. However in my case the installation time will also be the same (and maybe some kind of installation code or something else) and this is not good. Will the Win7 activation work? Can I be sure that activation will not damage after some time? Can Microsoft determine the cloning fact during the activation process? Thank you.

  • Capture output from browser call using Selenium

    - by gagneet
    I need to create a use case (using Selenium) in which I send HTTP calls with a Cookie through the browser and capture the return value in a text file. What do I need to do this? I have run this using CURL in the command line, but we are encountering issues with the same, and hence wish to verify using a real UI browser.

  • ASP.NET Dynamic Data Browser Compatibility

    - by Petras
    Could any experienced users of Dynamic Data comment on whether there are issues with it in: Internet Explorer 6, Safari, Chrome, Opera? We are looking to use it on a public facing website and good old IE6 has many important users in government departments and large companies so it has to work there. The other browsers could also become an issue.

  • Updating a gridview based on dundas chart callback

    - by Daud
    I have a Dundas pie chart which, when clicked, issues a client callback which updates another chart associated with it. Basically it's like a drill down thing. I also want to update my GridView based on the user's selection of the pie. But since the update of the chart is being done using the Dundas client callback I'm unable to rebind my GridView. Is there any way to do it?

  • openssl versus windows capi

    - by oren
    Which is better to use, OpenSSL or Windows CAPI, for encryption issues? What is the pro and con list for both? And is it possible to write my encryptor program on OpenSSL and decrypt it with Windows CAPI with no problem, or are there some problems with this?

  • mean and variance of image in single pass

    - by ajith
    Hi everyone, I am trying to calculate mean and variance using a 3X3 window over an image (hXw) in OpenCV. Here is my code. Are there any accuracy issues with this? Or is there any other efficient method to do it in one pass? int pi,a,b; for(i=1;i

  • jquery / javascript for upload the file from browser to server

    - by Lalit
    Hi, I am developing the application in ASP.NET MVC with C#. I want the functionality that a div will pop up, so that I can facilitate to use to upload the image file from his browser to the server, in the application domain's file system, as usual. This question may be a repeat, but I expect something more, like how to build this scenario, and what security issues may come up? And what care has to be taken while coding from the security perspective?

  • Branching Strategies

    - by Craig H
    The company I work for is starting to have issues with their current branching model, and I was wondering what different kinds of branching strategies the community has been exposed to? Are there any good ones for different situations? What does your company use? What are the advantages and disadvantages of them?
