Search Results

Search found 13059 results on 523 pages for 'security hole'.

Page 392/523 | < Previous Page | 388 389 390 391 392 393 394 395 396 397 398 399 | Next Page >

Validate a belongs to association in a build situation.

- by Victor Martins

I have a Mission model that has_many Task, and the Task belongs_to Mission For security I've made this validation on the Task Model: validates_presence_of :mission_id validates_numericality_of :mission_id But the problem is that when create a Mission and add tasks like this: @mission.tasks.build The validation returns error, because the mission id on the task is null ( the mission wasn't yet created ) If I delete the validation, the Mission and Task is created successfuly, but how can I keep the validation and still have this work? I could do a callback after the save, but I don't think that's right, because I don't want to save Tasks without a mission_id. P.S. I'm hidding my mission field on the form. If I have it visible, it will show the currect mission and everything is ok. But if I hidde it the error happens. <%= f.hidden_field :mission, :label => "Missão" %> Is the form reseting the attributes given by the controller on the new action?

Read the article
Copied App.config to (Assembly).exe.config but from folder debug application doesn't run

- by uugan

Gives error: "The specified named connection is either not found in the configuration, not intended to be used with the EntityClient provider, or not valid" App.config looks like and it's same as (Assembly.exe.config) config file for output: <?xml version="1.0" encoding="utf-8"?> <configuration> <connectionStrings> <add name="Entities1" connectionString="metadata=res://*/;provider=System.Data.SqlClient;provider connection string='data source=localhost;initial catalog=DatabaseName;integrated security=True;multipleactiveresultsets=True;App=EntityFramework'" providerName="System.Data.EntityClient" /> </connectionStrings> </configuration> How to run exe with it's configuration file? I tried to change '' to quot but nothing has changed.

Read the article
Pagination For SMS in Android specifically

- by Priyank

Hi. I had a pagination related question posted earlier. Here I went through the posted answers and suggested choices and I realized that to implement pagination in an application I could still write db level queries and ensure that I could implement pagination, even if in a crude form. However I have few follow up questions now: I am trying to show SMS from a content provider. Suppose I don't want to use content provider; can I access SMS table in database through my application. Aoes android's security framework allow that? How do people generally handle pagination problems in android, related to content that they are not storing but instead are fetching through content providers. (Android's own or custom) Isn't this a bigger problem. I am surprised to find so little text online about it.

Read the article
Modifying listbox values with jQuery in WebForm not posting back

- by Peter

When hitting a button, an error would occur: System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. --- System.ArgumentException: Invalid postback or callback argument. Event validation is enabled using in configuration or in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation. I then added EnableEventValidation="false" into my @Page directive, which fixed the error. Now after manipulating the listbox, the new values in the listbox are not posted back to the server. How can I solve this?

Read the article
Decrypting PKCS#7 encrypted data in C#

- by Johnny Egeland

I am working on a solution that needs to decrypt PKCS#7 encrypted data, preferably in C#. As far as I can see, the .NET api has support for this through the System.Security.Cryptography.Pkcs namespace. However it seems that the implementation can only work on byte arrays. So what do I do when I have a large encrypted file that does not fit into the memory? Am I missing something here, or is there another way to do this on a Stream level instead of using bytearrays?

Read the article
Can I decrypt an encrypted file even if someone modified it?

- by kiruthika

Warning: This question has been heavily edited. I tried my best to guess the original author's intentions. Please view the original version. I'm unsure on how to use the GPG command line tool, that we're using to encrypt files. File.txt is a simple text file: Testing hello world My security things. This is how I encrypt the file: gpg --symmetric File.txt This gives me a new, encrypted file: File.txt.gpg If someone else now modifies the encrypted file, I'm no longer able to decrypt it. $ gpg --decrypt File.txt.gpg gpg: no valid OpenPGP data found. gpg: decrypt_message failed: eof How can I get the content of my file, even though someone has modified it?

Read the article
Using DLL that using COM in C#

- by chekalin-v

I have been writing DLL on C++, that will be use in C#. DLL have some function, where I call hres = CoInitializeEx(NULL, COINIT_MULTITHREADED); and next call hres = CoInitializeSecurity( NULL, -1, // COM authentication NULL, // Authentication services NULL, // Reserved RPC_C_AUTHN_LEVEL_PKT, // Default authentication RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation NULL, // Authentication info EOAC_NONE, // Additional capabilities NULL // Reserved ); There are no error then I trying to use this dll in C++. But if I call function from DLL via C# application I see Error (80010106) Cannot change thread mode after it is set. I changed hres = CoInitializeEx(NULL, COINIT_MULTITHREADED); to hres = CoInitialize(NULL); After this changes error appear after CoInitializeSecurity: (80010119) Security must be initialized before any interfaces are marshalled or unmarshalled. It cannot be changed once initialized. How resolve this trouble?

Read the article
ASP.Net State Server on EC2 not connection

- by CountCet

I am trying to set up an Asp.Net State Server on Amazon EC2. The single web server using this State Server is also on EC2. I've done the following things. I've added the IIS role on the State Server. I changed the value in the registry to allow connections for the service and started the aspstate service. I verified it is listening on port 42424 by checking netstat. I edited the web.config of the Web server to point to this server. I added the the tcp port to my EC2 security group and allowed it for all incoming ip's. Anything else I am not doing?

Read the article
Url encode and routing?

- by Curtis White

I'm using custom routing in a web forms context. I have some titles (part of my custom route) that have say a question mark character. When I URL encode this text ("Question?") and then pass into my route, I get an HTTP ERROR CODE 400. Apparently, the URL encoded text is somehow confusing the routing manager. Can someone provide context and explanation for this? Beyond that, I'm thinking I don't need to URL encode these route data but merely strip out the problem characters. Are there any security risks to not using URL decode/encode? And what are the problem characters? A list would be useful. Thanks!

Read the article
High CPU Usage with WebGL?

- by shoosh

I'm checking out the nightly builds of Firefox and Chromium with support of WebGL with a few demos and tutorials and I can't help but wonder about the extremely high CPU load they cause. A simple demo like this one runs at a sustained 60% of my dual core. The large version of this one maxes out the CPU to 100% and has some visible frame loss. Chromium seems to be slightly better than firefox but not by much. I'm pretty sure that if these were desktop application the CPU load would be negligible. So what's going on here? what is it doing? Running the simple scripts of these can't be that demanding. Is it the extra layer of security or something?

Read the article
newbie: how to upload images from a form with PHP and mySQL

- by paracaudex

I'm creating a web app (locally, so security doesn't matter) in PHP where the user uploads a set of information and a small .jpeg, which is then inserted into a mySQL table. I can do this no problem with all the text data, but I'm not sure how to cause the image to upload alongside it. I assume I will have to use the blob data type and input type="file", but I fooled around with that a little bit and the solution doesn't seem to be an intuitive extension of how input type="text" works. Do I need to do a lot more PHP scripting to get this to work? Is it possible to upload an image with a form, or is there a necessary intermediate step?

Read the article
URLCallback with JAAS on WAS?

- by Dean J

I extended the JAAS javax.security.auth.spi.LoginModule, and installed it into a WAS server. It works; all logins go through the code in this new class, and if it says to not let them login, they're prevented from logging in. The root problem: I don't want it to filter logins for the admin console (/ibm/console), but I do want it to filter logins for other things on the server. I think that with the available setup, the login module applies to everything installed on the server, including the administration screens. I'd like to solve that by getting the URL of the page that triggered the call to the LoginModule. If I were using WebLogic, I'd use a URLCallback to get the URL. Does anyone know if Websphere Application Server has any parallel functionality to that, or if there's another workaround?

Read the article
What's the significance of Oct 12 1999?

- by Portman

In the SignOut method of System.Web.Security.FormsAuthentication, the ASP.NET team chose to expire the FormsAuth cookie by setting the expiration date to "Oct 12 1999". HttpCookie cookie = new HttpCookie(FormsCookieName, str); cookie.HttpOnly = true; cookie.Path = _FormsCookiePath; cookie.Expires = new DateTime(0x7cf, 10, 12); What's the significance of October 12th, 1999? Is it an inside joke, or is there some valid reason to set your cookie expiration to that particular date? Edit: The theories below are interesting, but they are just guesses. Since Phil, Scott, and other members of the ASP.NET team are on StackOverflow, I thought it would be fun to offer a bounty. Hopefully someone can track down the original developer and get an authoritative answer. Awarded: To Scott Hanselman for escalating this one all the way to ScottGu. I was really hoping for some sort of super-secret, Illuminati-esque meaning, but looks like it was just the old "one year ago" trick.

Read the article
Are government programming jobs good?

- by Absolute0

I am a passionate software developer and greatly enjoy programming. However I was recently contacted regarding a developer lead position for a government job at NYC for the fire department. The pay is pretty good, and I would assume the position has good job security and stability. But I am hesitant to even go for an interview as it seems like an exaggerated version of Office Space with a lot of Bureaucracy and mindless paper work. The description is as follows: The Lead Applications Developer, supporting the Programming Group, will be responsible for all phases of the system development life cycle including performing system analysis, requirements definition, database design, preparation of scopes of work, and development of project plans. Supervise programming staff and manage projects involving the design, implementation, maintenance, and enhancement of complex Oracle based user applications using Oracle Development tools. Applications will be deployed using Oracle Application Server utilizing programming languages such as JAVA, JSF, JSP, Oracle ADF, PL/SQL, and XML with J2EE and EJB technology. Anyone with previous government experience can share their two cents on this? Thank you.

Read the article
The machine-default permission settings do not grant Local Activation permission for the COM Server

- by subash

when i was trying to visit my webapplication(developed in asp.net & c#.net) in internet explorer ,i was not able to see the page. when i went event viewer the events ocurred,it was showing the error as below " The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1} to the user SAAD-DEV9\ASPNET SID (S-1-5-21-1757981266-1644491937-839522115-1007). This security permission can be modified using the Component Services administrative tool. " how to overcome this and see my application page

Read the article
Group SQL tables in SQL Server Management Studio object explorer

- by MainMa

I have a table which has approximately sixty tables, and other tables are added constantly. Each table is a part of a schema. A such quantity of tables makes it difficult to use Microsoft SQL Server Management Studio 2008. For example, I must scroll up in object explorer to access database related functions, or scroll down each time I need to access Views or Security features. Is it possible to group several tables to be able to expand or collapse them in Object Explorer? Maybe a folder may be displayed for each schema, letting collapse the folders I don't need to use?

Read the article
window.open("c:\test.txt") from Silverlight

- by queen3

I'm trying to open local file from Silverlight. I try Window.Navigate("c:\test.pdf", "_blank") and invoking JavaScript like this: window.open("c:\test.pdf", "_blank") Both give "Access is denied". However it works in plain HTML when I do <input type="button" value="test" onclick="window.open('c:\test.pdf', '_blank')" /> Is it Silverlight security restriction? Can I open a local file in a browser from Silverlight application? The reason behind this is that users store local paths and want to open those files from the app.

Read the article
Get jQuery post redirect response

- by Wickethewok

I've written some HTML/Javascript that sits on a third-party server for security reasons. This page performs a javascript post to another page on the same site. However, instead of responding with useful data, it instead wants to perform a redirect (if you would post via a normal HTML form to this page, it would redirect your browser). How can I process this process? I basically want to be able to extract the url's query parameters that it is trying to redirect with (and then put this link into a hidden form field). Here is my basic ajax post... $.ajax({ url: '/someurl/idontcontrol', data: serialized_form_data, async: false, type: 'POST', success: function(data, textStatus) { $('#redirect_link').val(WHAT_DO_I_PUT_HERE); } }); Note that the URL I am posting to is not one that I control, so I have no power over what it returns. Thanks!

Read the article
generate EF model by System.Diagnostics.Process

- by loviji

Hello, after read this article i tried generate EF model by System.Diagnostics.Process: Process myProcess = new Process(); var cs = "Data Source=.\\SQLEXPRESS; Initial Catalog=uqs; Integrated Security=SSPI"; myProcess.StartInfo.FileName = @"C:\Windows\Microsoft.NET\Framework\v3.5\EdmGen.exe"; myProcess.StartInfo.Arguments = "/mode:fullgeneration /c:"+cs+" project:School /entitycontainer:SchoolEntities /namespace:SchoolModel /language:CSharp "; myProcess.Start(); 1.but i haven't get a result, because i can't do well formed arguments string. As I tried, there have many quotes. how to organize argument string? 2.how can i catch if generation completed or have occurred errors?

Read the article
Sharepoint: Is there a maximum number of permission levels?

- by moontear

Hi, I get an error when trying to add a new permission level that due to a "contingency limit" I cannot add another permission level. I should delete an existing one and try again. (Sorry, no original error msg as this originates from a German WSS install, hence this is just a translation). There are about 1000 permission levels already. I know about Sharepoint's (WSS 2007 / WSS3) limitations relating to security principals like explained here, but I don't know of any limitations relating to permission levels. Is there any way to group the permission levels? I need as much as 2000 permission levels as there are many constellations of access rights per group.

Read the article
When should I open and close a website's cached WCF proxy?

- by Brandon Linton

I've browsed around the other articles on StackOverflow that relate to caching WCF proxies for reuse, and I've read this article explaining why I should explicitly open the proxy before calling anything on it. I'm still a little hazy on the best implementation details. My question is: when should I open and close proxies for service calls on a website, and what should their lifetime be (per call, per request, or per web app)? We aren't planning on leveraging cached security contexts at the moment (but it's not unforeseeable). Thanks!

Read the article
Prevent Ruby on Rails from sending the session header

- by hurikhan77

How do I prevent Rails from always sending the session header (Set-Cookie). This is a security problem if the application also sends the Cache-Control: public header. My application touches (but does not modify) the session hash in some/most actions. These pages display no private content so I want them to be cacheable - but Rails always sends the cookie header, no matter if the sent session hash is different from the previous or not. What I want to achieve is to only send the hash if it is different from the one received from the client. How can you do that? And probably that fix should also go into official Rails release? What do you think?

Read the article
Sharepoint Foundation 2010 development single machine installation problems

- by Robert Koritnik

I'm having problems installing development machine for Sharepoint (Foundation) 2010. This is what I did so far on the same machine: Installed a clean Windows 7 x64 with 4GB of RAM without being part of any domain. Just a simple standalone machine. Enabled IIS related features as described here except IIS6 related ones (two of them) Installed SQL Server 2008 R2 Development Edition (DB Engine and Writer being enabled but not SQL Agent) Installed Visual Studio 2010 Premium Started installing Sharepoint Foundation 2010 with first extracting files, changing config to enable Windows 7 installation and then installed it as Server Farm (then Complete) to avoid installing SQL Express. Created a separate SPF_CONFIG local user with Logon on as a service right. Opened SPF Management Shell and run New-SPConfigurationDatabase so I am able to use a non-domain username (SPF_CONFIG that I created in the previous step) But all I get is this: The outcome after this error is: Database Sharepoint2010Config is created User SPF_CONFIG is added to SQL Server and attached to this newly created database as dbowner and checking SQL server security logins this user has following rights: dbcreator securityadmin public

Read the article
python foursquare - SSL3 certificate verify failed

- by user1814277

I'm trying to make a userless request to the Foursquare API using Mike Lewis' Python wrapper - https://github.com/mLewisLogic/foursquare: client = foursquare.Foursquare(client_id=Client_ID, client_secret=Client_Secret) categs = client.venues.categories() Intermittently, I get a "Error connecting to Foursquare API" msg. Running a logger to catch a more detailed message produces: "SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed" This didn't use to happen and occurs both on my local Windows development machine and on a server running ubuntu. Am I missing something basic here about security certificates? The problem is intermittent and sometimes just leaving it a minute and retrying fixes the problem temporarily. I've downloaded the latest 20120716 version of the wrapper although in the code for init.py it still says API_VERSION = '20120608'. I'm using Python 2.73 and have also signed up for the Foursquare API key, using the id and secret in the above code. I listed the urls, using my local IP:8000 and tried using separate keys for the local and dev machines but this seems to make no difference. Help much appreciated. Thanks.

Read the article
What is the correct way to import and export out of Excel to SQL Server and back?

- by Vecdid

Looking for the correct way and control to import and export of out of Microsoft Excel programmatically. I am willing to get a 3rd party control that supports this functionality, or I can create it myself, but looking to get this prioject done fast. The Datasource will be offline. Although when it is online for the upload/download if there is a control that would merge them, that would work also. But best is to remain offline, don't need the support headache. Security is also an issue. SSIS is not available on the shared database server. The website that hosts the asp.net application is not on the same machine as the sql server. Thank you.

Read the article

< Previous Page | 388 389 390 391 392 393 394 395 396 397 398 399 | Next Page >