Search Results

Search found 30932 results on 1238 pages for 'rogue security software'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 308/1238 | < Previous Page | 304 305 306 307 308 309 310 311 312 313 314 315  | Next Page >

  • Cookieless Django - Django with no cookies

    - by phoebebright
    As I'm writing a django site from government bodies I'm not going to be able to use cookies. I found this snippet http://djangosnippets.org/snippets/1540/ but it's currently not allowing users to login. Before I start debugging I wondered if anyone else has solved this problem with this snippet or in any other way?

    Read the article

  • Does anyone use Fortify 360 with Classic ASP? a Header Manipulation vulnerability story

    - by j_green71
    Good morning, everyone. I'm on a short-term contracting gig, trying to patch some vulnerabilities in their legacy code. The application I'm working on is a combination of Classic ASP(VBScript) and .Net 2.0 (C#). One of the tools they have purchased is Fortify 360. Let's say that this is a current classic ASP page in the application: <%@ Language=VBScript %> <% Dim var var = Request.QueryString("var") ' do stuff Response.Redirect "nextpage.asp?var=" & var %> I know, I know, short and very dangerous. So we wrote some (en/de)coders and validation/verification routines: <%@ Language=VBScript %> <% Dim var var = Decode(Request.QueryString("var")) ' do stuff if isValid(var) then Response.Redirect "nextpage.asp?var=" & Encode(var) else 'throw error page end if %> And still Fortify flags this as vulnerable to Header Manipulation. How or what exactly is Fortify looking for? The reason I suspect that Fortify is looking for specific key words is that on the .Net side of things, I can include the Microsoft AntiXss assembly and call functions such as GetSafeHtmlFragment and UrlEncode and Fortify is happy. Any advice?

    Read the article

  • Design for a machine learning artificial intelligence framework (community wiki)

    - by Lirik
    This is a community wiki which aims to provide a good design for a machine learning/artificial intelligence framework (ML/AI framework). Please contribute to the design of a language-agnostic framework which would allow multiple ML/AI algorithms to be plugged into a single framework which: runs the algorithms with a user-specified data set. facilitates learning, qualification, and classification. allows users to easily plug in new algorithms. can aggregate or create an ensemble of the existing algorithms. can save/load the progress of the algorithm (i.e. save the network and weights of a neural network, save the tree of a decision tree, etc.). What is a good design for this sort of ML/AI framework?

    Read the article

  • How to create Python module distribution to gracefully fall-back to pure Python code

    - by Craig McQueen
    I have written a Python module, and I have two versions: a pure Python implementation and a C extension. I've written the __init__.py file so that it tries to import the C extension, and if that fails, it imports the pure Python code (is that reasonable?). Now, I'd like to know what is the best way to distribute this module (e.g. write setup.py) so it can be easily used by people with or without the facility to build, or use, the C extension. My experience is limited but I see two possible cases: User does not have MS Visual Studio, or the GCC compiler suite, installed on their machine, to build the C extension User is running IronPython, Jython, or anything other than CPython. I only have used CPython. So I'm not sure how I could distribute this module so that it would work smoothly and be easy to install on those platforms, if they're unable to use the C extension.

    Read the article

  • How to create Python module distribution to gracefully fall-back to pure Python code

    - by Craig McQueen
    I have written a Python module, and I have two versions: a pure Python implementation and a C extension. I've written the __init__.py file so that it tries to import the C extension, and if that fails, it imports the pure Python code (is that reasonable?). Now, I'd like to know what is the best way to distribute this module (e.g. write setup.py) so it can be easily used by people with or without the facility to build, or use, the C extension, just by running: python setup.py install My experience is limited, but I see two possible cases: User does not have MS Visual Studio, or the GCC compiler suite, installed on their machine, to build the C extension User is running IronPython, Jython, or anything other than CPython. I only have used CPython. So I'm not sure how I could distribute this module so that it would work smoothly and be easy to install on those platforms, if they're unable to use the C extension.

    Read the article

  • Sha or Md5 algorithm i need to encrypt and decrypt in flex

    - by praveen
    Hi I am developing my application in flex and JSP, so when I am passing values through HTTP Service Post method with request object but these values are tracing and modifying by testing team so I am planning to encrypt values in flex and decrypt it in jsp.so is there any algorithms like SHA or MD5 more secure algorithms, so please send any code or related links it is very useful to me. I am using like httpService = new HTTPService; httpService.request = new Object; httpService.request.task = "doInvite"; httpService.request.email = emailInput.text; httpService.request.firstName = firstNameInput.text; httpService.request.lastName = lastNameInput.text; httpService.send(); So is there any other way to give more secure ,please help me in this,Thanks in Advance.

    Read the article

  • Easiest way to decrypt PGP-encrypted files from VBA (MS Access)

    - by stucampbell
    I need to write code that picks up PGP-encrypted files from an FTP location and processes them. The files will be encrypted with my public key (not that I have one yet). Obviously, I need a PGP library that I can use from within Microsoft Access. Can you recommend one that is easy to use? I'm looking for something that doesn't require a huge amount of PKI knowledge. Ideally, something that will easily generate the one-off private/public key pair, and then have a simple routine for decryption.

    Read the article

  • WCF how to pass token for authentication?

    - by Kevin
    I have a WCF service which would like to support basicHttpBinding and webHttpBinding. When the client successfully login, server will generate a token for client to pass to server on all the request make later. Question is how the client can pass the token to server? I don't want to add an extra parameter on every web method to hold the token.

    Read the article

  • How to organize modules for PyPI to support 2.x and 3.x

    - by Craig McQueen
    I have a Python module that I would like to upload to PyPI. So far, it is working for Python 2.x. It shouldn't be too hard to write a version for 3.x now. But, after following guidelines for making modules in these places: Distributing Python Modules The Hitchhiker’s Guide to Packaging it's not clear to me how to support multiple source distributions for different versions of Python, and it's not clear if/how PyPI could support it. I envisage I would have separate code for: 2.x 2.6 (maybe, as a special case to use the new buffer API) 3.x How is it possible to set up a Python module in PyPI so that someone can do: easy_install modulename and it will install the right thing whether the user is using 2.x or 3.x?

    Read the article

  • DBMS debugger causes TOAD to hang

    - by James Collins
    I can start the dbms debugger in Toad and use it normally but if I hit the 'halt execution' button or just hit the 'Run' button to reach the end of the function it causes TOAD to hang. Windows reports it as not responding and I have to kill it through the task manager. I have had this problem in Toad 9.7.2.5 and Toad 10 on two different laptops. Has anyone else experienced this problem? If you have did you find a solution to this?

    Read the article

  • Getting Attributes of Keychain Items

    - by rgov
    I'm trying to get the attributes of a keychain item. This code should look up all the available attributes, then print off their tags and contents. According to the docs I should be seeing tags like 'cdat', but instead they just look like an index (i.e., the first tag is 0, next is 1). This makes it pretty useless since I can't tell which attribute is the one I'm looking for. SecItemClass itemClass; SecKeychainItemCopyAttributesAndData(itemRef, NULL, &itemClass, NULL, NULL, NULL); SecKeychainRef keychainRef; SecKeychainItemCopyKeychain(itemRef, &keychainRef); SecKeychainAttributeInfo *attrInfo; SecKeychainAttributeInfoForItemID(keychainRef, itemClass, &attrInfo); SecKeychainAttributeList *attributes; SecKeychainItemCopyAttributesAndData(itemRef, attrInfo, NULL, &attributes, 0, NULL); for (int i = 0; i < attributes->count; i ++) { SecKeychainAttribute attr = attributes->attr[i]; NSLog(@"%08x %@", attr.tag, [NSData dataWithBytes:attr.data length:attr.length]); } SecKeychainFreeAttributeInfo(attrInfo); SecKeychainItemFreeAttributesAndData(attributes, NULL); CFRelease(itemRef); CFRelease(keychainRef);

    Read the article

  • Warning while downloading setup.exe builded by visual setup project

    - by nosbor
    I've built installer for my(c#, wpf) application by visual setup project. I share my project over internet by web site. But when I download the file I receive warning(actually looks like terrible error or virus) that the application(setup.exe) can harm my computer and apocalypse will come in near future if I will run it. Yes my installer is not signed by MS certificate, but I saw that other installers of others application also don't have cert but the warning is not shown(for instance installer of notepad++). Do you have any suggestions or solution of my problem?

    Read the article

  • FPSE, folder permissions and SharePoint Designer

    - by David Lively
    All, A few of our internal users are editing one of our classic ASP sites (Not a SharePoint site) via Sharepoint Designer which I believe uses FrontPage Server Extensions. I would like to give a particular user author rights to a single folder - ie, /products and any items and folders it contains. Any suggestions?

    Read the article

  • Why is IoC / DI not common in Python?

    - by tux21b
    In Java IoC / DI is a very common practice which is extensively used in web applications, nearly all available frameworks and Java EE. On the other hand, there are also lots of big Python web applications, but beside of Zope (which I've heard should be really horrible to code) IoC doesn't seem to be very common in the Python world. (Please name some examples if you think that I'm wrong). There are of course several clones of popular Java IoC frameworks available for Python, springpython for example. But none of them seems to get used practically. At least, I've never stumpled upon a Django or sqlalchemy+<insert your favorite wsgi toolkit here> based web application which uses something like that. In my opinion IoC has reasonable advantages and would make it easy to replace the django-default-user-model for example, but extensive usage of interface classes and IoC in Python looks a bit odd and not »pythonic«. But maybe someone has a better explanation, why IoC isn't widely used in Python.

    Read the article

  • SSL Login in iFrame

    - by Karsten
    My UI prototype requires me to show the sites login info all the time. Either I should show the usual username and password textbox or "you are logged in as". The last bit don't have to be secure, as it's only info to the user, nothing I will use server side. But the first part should send secure to the server. It seems that I would have to use https for all pages on the site then. I would like to only use ssl for the things that are required to be secure. One way is putting the login information into a https://../login.aspx and show it on my mainpage as an IFrame. One disadvantage I can see is that the user won't know that https is being used, unless they read the IFrame src in the source code. What do you think?

    Read the article

  • How can I reliably check client identity whilst making DCOM calls to a C# .Net 3.5 Server?

    - by pionium
    Hi, I have an old Win32 C++ DCOM Server that I am rewriting to use C# .Net 3.5. The client applications sit on remote XP machines and are also written in C++. These clients must remain unchanged, hence I must implement the interfaces on new .Net objects. This has been done, and is working successfully regarding the implementation of the interfaces, and all of the calls are correctly being made from the old clients to the new .Net objects. However, I'm having problems obtaining the identity of the calling user from the DCOM Client. In order to try to identify the user who instigated the DCOM call, I have the following code on the server... [DllImport("ole32.dll")] static extern int CoImpersonateClient(); [DllImport("ole32.dll")] static extern int CoRevertToSelf(); private string CallingUser { get { string sCallingUser = null; if (CoImpersonateClient() == 0) { WindowsPrincipal wp = System.Threading.Thread.CurrentPrincipal as WindowsPrincipal; if (wp != null) { WindowsIdentity wi = wp.Identity as WindowsIdentity; if (wi != null && !string.IsNullOrEmpty(wi.Name)) sCallingUser = wi.Name; } if (CoRevertToSelf() != 0) ReportWin32Error("CoRevertToSelf"); } else ReportWin32Error("CoImpersonateClient"); return sCallingUser; } } private static void ReportWin32Error(string sFailingCall) { Win32Exception ex = new Win32Exception(); Logger.Write("Call to " + sFailingCall + " FAILED: " + ex.Message); } When I get the CallingUser property, the value returned the first few times is correct and the correct user name is identified, however, after 3 or 4 different users have successfully made calls (and it varies, so I can't be more specific), further users seem to be identified as users who had made earlier calls. What I have noticed is that the first few users have their DCOM calls handled on their own thread (ie all calls from a particular client are handled by a single unique thread), and then subsequent users are being handled by the same threads as the earlier users, and after the call to CoImpersonateClient(), the CurrentPrincipal matches that of the initial user of that thread. To Illustrate: User Tom makes DCOM calls which are handled by thread 1 (CurrentPrincipal correctly identifies Tom) User Dick makes DCOM calls which are handled by thread 2 (CurrentPrincipal correctly identifies Dick) User Harry makes DCOM calls which are handled by thread 3 (CurrentPrincipal correctly identifies Harry) User Bob makes DCOM calls which are handled by thread 3 (CurrentPrincipal incorrectly identifies him as Harry) As you can see in this illustration, calls from clients Harry and Bob are being handled on thread 3, and the server is identifying the calling client as Harry. Is there something that I am doing wrong? Are there any caveats or restrictions on using Impersonations in this way? Is there a better or different way that I can RELIABLY achieve what I am trying to do? All help would be greatly appreciated. Regards Andrew

    Read the article

  • Windows Vista Update Now Wont Boot Up

    - by thatryan
    My friend just updated her Windows Vista to service pack 1, or tried to. Now it wont boot up. Just black screen, some errors etc. I tried googling it and lots of people had this problem it seems. Anyone find a fix for it? I read somewhere I believe that Microsoft said to delete some files, Nvidia maybe? But I can not find that again, I forgot the exact error code I searched for before. Does anyone know what I am talking about? LOL Thanks guys.

    Read the article

  • Convert the uploaded files to specific file format which can not download

    - by Avinash
    Hi, I have a problem regarding to prevent download and saving of uploaded files. My users can upload multiple files types like doc, pdf, ppt,etc.... This all file types are easily download if any one have url. So what is the better way to prevent the download of the file. Or i convert the uploaded files to some specific format which can not download easily (e.g flash).. I am running on php and mysql. Thanks Avinash

    Read the article

  • Best Diff Tool?

    - by ila
    For all my present Diff / Merge needs I'm using Beyond Compare; when I decided to buy a license for it I tried other similar tools, both payware and freeware. Now BC is at version 3, and I think it's a great tool... but what are your experience in this field? Do you think there is something better? And what are the feature you like best on your favorite Diff tool? EDIT I'm recollecting here a list of the tools mentioned in the answers below, in order of preferences (more or less), separating pay- from free- ware and indicating supported operating system. Hope this helps. PAYWARE Beyond Compare (win + linux) - http://www.scootersoftware.com/ Araxis Merge (win + osX) - http://www.araxis.com/merge/index.html ExamDiff Pro (win) - http://www.prestosoft.com/edp_examdiffpro.asp ECMerge (win, osX, linux) - http://www.elliecomputing.com/Home/default.asp MergePlant (win) - http://www.mikado-ltd.com/ Changes (OSX) http://www.changesapp.com Deltopia DeltaWalker (win, osx, linux) http://www.deltopia.com/ FREEWARE FileMerge (OSX) - http://en.wikipedia.org/wiki/Apple_Developer_Tools#FileMerge Tortoise SVN (win) - http://tortoisesvn.net/ WinMerge (win) - http://winmerge.org/ ExamDiff (win) - http://www.prestosoft.com/ps.asp?page=edp_examdiff Diff Merge from SourceGear - http://www.sourcegear.com/diffmerge/index.html Perforce Merge (win + linux + OSX) - http://www.perforce.com/perforce/products/merge.html meld (linux) - sudo apt-get install meld http://meld.sourceforge.net/ Vimdiff - vim distribution KDiff3 - http://kdiff3.sf.net/ ediff - EMacs distribution Tiny Hexer Kompare (KDE, linux) - http://www.caffeinated.me.uk/kompare/ tkdiff (win, linux, osX) - http://tkdiff.sourceforge.net

    Read the article

  • Access Control Lists basics

    - by vtortola
    Hi, I'm gonna add authorization, user and groups management to my application, basically... you will can define a set of permissions for a concrete user or group. For example, you could specify whom can use a concrete resource. So I want to ensure that my assumptions about ACLs are right: A basic rule could be "Grant", "Deny", "NoSet". User permissions have priority over group permissions. "Deny" statement has priority over "Grant". For example, user "u1" belongs to group "A", the resource "X" has this ACL "u1:grant,A:deny" user "u1" should be able to access the resource, shouldn't it? If a resource has no ACL set... does it means that anyone can access it? should I provide a default ACL? Any document about ACL in a general way? Cheers.

    Read the article

  • ssl multi domain website

    - by NetParis
    We need to secure a multi-langual web application with SSL (registration, login,..). However, this application is accessed by different domain names, exactly a domain name for each language (domainName.co.uk, domainName.fr, domainName.it and so on). We're looking for the simplest and cheapest solution. We don't want to purchase a certificate for each domain name. Some one has an idea ? the web server : IIS 6 Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 304 305 306 307 308 309 310 311 312 313 314 315  | Next Page >