Search Results

Search found 13059 results on 523 pages for 'security hole'.

Page 405/523 | < Previous Page | 401 402 403 404 405 406 407 408 409 410 411 412  | Next Page >

• file_get_contents() returns "failed to open stream" when hitting HTTPS

  - by TMC

  file_get_contents() is returning "failed to open stream" when I call it on an HTTPS URL. Warning: file_get_contents(https://google.com) [function.file-get-contents]: failed to open stream: No error in E:\\htdocs\callback3.php on line 5 Same call will work with a non-SSL URL. At first, I thought it was a security issue with my webhoster, but I have verified with phpinfo() that allow url open is indeed allowed. I have also tried this code and verified it works: Anyone have any ideas why file_get_contents() is failing with an HTTPS URL? update: People correctly pointed out this was an HTTPS issue. My webhoster claims this should work, and has no idea how to resolve this. Anyone have specific directions I can give them for their IIS7 setup?

  Read the article

• App.config settings, environment variable as partial path

  - by Jean-Bernard Pellerin

  I'm new to tinkering with app.config and xml, and am currently doing some refactoring in some code I haven't written. Currently we have a snippet which looks like this: <setting name="FirstSetting" serializeAs="String"> <value>Data Source=C:\Documents and Settings\All Users\ApplicationData\Company ...;Persist Security Info=False</value> What I'd like to do is have it instead point to something like ${PROGRAMDATA}\Company\... How can I achieve this, keeping in mind that PROGRAMDATA will not always point to C:\ProgramData ?

  Read the article

• Using WPF class in a web application, problem with hosting permission

  - by tanathos

  I'm developing a DLL that uses WPF classes to make image manipulation. It works fine in my local environment, but when I try to use it in an hosted web site I retrieve this error: Request for the permission of type 'System.Security.Permissions.MediaPermission, WindowsBase, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' failed. exactly when I try to call the EndInit() of a BitmapImage object: BitmapImage originalImage = new BitmapImage(); originalImage.BeginInit(); originalImage.CacheOption = BitmapCacheOption.OnLoad; originalImage.UriSource = new Uri(physical_imagepath); originalImage.EndInit(); Any suggestion?

  Read the article

• hOW TO INSERT DATA FROM ASP.NET TEXTBOX TO TWO DIFFERENT TABLE ON SINGLE BUTTON CLICK EVENT ?

  - by user559800

  I M USING THAT CODE TO INSERT INTO SINGLE TABLE ! HOW TO USE THIS CODE TO INSERT THE TEXTBOX TEXT TO MULTIPLE TABLES OF SAME COLUMN ON SINGLE BUTTON CLICK EVENT IN VB.NET ? Imports System.Data.SqlClient Protected Sub ImageButton1_Click(ByVal sender As Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles ImageButton1.Click Dim con As New SqlConnection Dim cmd As New SqlCommand con.ConnectionString = "Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\ASPNETDB.MDF;Integrated Security=True;User Instance=True" con.Open() cmd.Connection = con cmd.CommandText = "INSERT INTO a1_ticket (seat_remain) VALUES('" & Trim(Label1.Text) & "')" cmd.ExecuteNonQuery() con.Close() End Sub

  Read the article

• Using WiX, how do I change a property of a subfolder of a virtual directory?

  - by Joergen Bech

  I have a hierarchy of Directory elements in a WiX script. I also have a component that creates a virtual directory (using IIS:WebVirtualDir), which points to the root of my Directory hierarchy. How do I change a property (e.g. AnonymousAccess) of a subfolder of the virtual directory, e.g. MyVirtualDir <<< this is the virtual directory root MyVirtualDir\MySubFolder <<< this is the subfolder for which I wish to change a property using WebDirProperties Please note that I do not wish to create a new virtual directory for the subfolder. I only wish to change a few security settings. The current script is too big to post here, but take a look at the WiX tutorial: 5.3 Web Directory. Suppose in that example that there was another Directory element named "MySubFolder" nested within the "InstallDir" element. What would then be the next step in order to set properties for "MySubFolder" without turning it into a virtual directory?

  Read the article

• iFrames and Cookies

  - by Tom

  I have a site on A.com and an iframe on B.com which reads info from A.com. I realize that there is some problems with third party cookies, iframes and P3P - particularly in Safari [my problem] Is it possible to instead, use AJAX or a hidden iFrame to pass the cookie information from A.com to B.com which will then "recreate" another cookie with the same information on the iframe in B.com. I am trying to do this for authenication - i.e. a user is logged in on A.com and then goes to b.com and the iframe is also logged in ? I was hoping to perhaps pass the data in a hidden iframe and "recreate" the cookie in the iframe on B.com using JavaScript? Is this possible ? Security issues ? What about HTTPS?

  Read the article

• can I prohibit users from loading swf files by AS3 / Flash Loader.load() and only allow loading imag

  - by EndangeringSpecies

  I want to have an AS3 app load images from url supplied by the user. But I don't want a malicious user to be able to load an SWF file in place of the image, such as with an altered extension "maliciousSwf.png". Well, not sure how big a security threat that is above and beyond the ability of the hacker to decompile swf, but I think that ideally such behavior should not be allowed. So, is there any way to prevent this? When people allow users to load images in their Flash apps, do they somehow guard against loading of SWF? Or is this really absolutely no big deal?

  Read the article

• How can I run a package created with Simple Build Tool?

  - by Lukasz Lew

  I run: $ echo 'object Hi { def main(args: Array[String]) { println("Hi!") } }' > hw.scala $ sbt > warn Set log level to warn > run Hi! > package $ java -jar target/scala_2.7.7/test_2.7.7-1.0.jar Exception in thread "main" java.lang.NoClassDefFoundError: scala/ScalaObject at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:621) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124) at java.net.URLClassLoader.defineClass(URLClassLoader.java:260) Why can't I run this jar package this way?

  Read the article

• RUP (Rational Unified Process)

  - by tony

  I have chosen to use the development method RUP (Rational Unified Process) in my project. This is a method I've never used before. I've also included some elements from Scrum in the development process. The question is what the requirement specifications should contain in a RUP-model? Is it functional and non-functional requirements? And what should be included in a technical analysis and security requirements for RUP? Can’t find any information. Notes about this would be helpful. Hope people with RUP experience can share some useful experiences

  Read the article

• Setting ownership/permissions for symfony2 and other web projects

  - by Handonam

  I've been very confused as to how to set permissions and user/groups for my sites. It is particularly one of my weakest suits My curent problem is that I often find myself running into a situation where if i view a particular page, it won't have permissions to write to cache or logs. At this point I'll set the ownership towards apache. Then, in other cases, if i try to run internal scripts, for example, I can't write to these cache/log files because i set them for apache. Currently, my symfony2 files are all registered to me as a part of staff (Handonam:Staff). I've seen various people creating groups such as www-data, apache, etc, and using users such as theirselves (e.g. Handonam) or www as a part of those groups. So my question is: For symfony2 and other web projects, what's generally the best setup for user/group setup so that both apache and myself can interact with these files, while maintaining decent security?

  Read the article

• How do I download an attachment from an annotation using client-side JScript?

  - by VVander

  I'm trying to provide a link to the attachment of a note through the client-side JScript. The standard MS-made Notes component does this through the following url: [serverurl]/[appname]/Activities/Attachment/download.aspx?AttachmentType=5&AttachmentId={blahblahblah}&IsNotesTabAttachment=1&CRMWRPCToken=blahblahblah&CRMWRPCTokenTimeStamp=blahblahblah The problem is that I don't know how to get the Token or TokenTimeStamp, so I'm receiving an Access Denied error ("form is no longer available, security precaution, etc"). The only other way I can think of doing this is through the OData endpoint, but that would at best get me a base64 string that I still would have translate into a filestream to give to the browser (all of which seems like it would take forever to implement/figure out). I've found a few other posts that describe the same thing, but no one has answered them: http://social.microsoft.com/Forums/en-US/crmdevelopment/thread/6eb9e0d4-0c0c-4769-ab36-345fbfc9754f/ http://social.microsoft.com/Forums/is/crm/thread/45dabb6e-1c6c-4cb4-85a4-261fa58c04da

  Read the article

• Finding the URL of an XMLHttpRequest

  - by hawkettc

  Hi, I've got some code that does an ajax request using jQuery, and handles success and error conditions. On an error, I want to find out what the URL I called was, so I can log it. This information appears to be contained in the XMLHttpRequest.channel, but firefox is complaining about accessing this - Permission denied for <http://localhost:8081> to get property XMLHttpRequest.channel Any ideas how I can determine the URL associated with an XMLHttpRequest? What's the security issue getting hold of this information? Cheers, Colin

  Read the article

• PHP with SQL Injection

  - by Scott S

  For our first assignment in a System Security class, we have to hack into the professors "cheaply organized" sql database. I know the only user is "admin" and the select statement generated in the php is: select user_id from user where user_username = 'admin' AND user_password = md5('noob') I am having a number of problems attempting to bypass the password part of this statement as the professor has some javascript embedded in the page to sanitize the username and password of any non-alphanumeric values. This can be bypassed by turning off javascript :P but any values sent still get cleaned by the operating system (some build of Debian 32-bit). I've seen the code for the login request and it does not escape any characters. How do I bypass the operating systems escape sequences?

  Read the article

• Can I create and connect to a SQL Server CE database if SQL Server 2005 isn't installed?

  - by MusiGenesis

  Is there any way to do this? Update: Sorry, I should have included more information. I am trying to create and connect to a SQL CE database using System.Data.SqlServerCe in C# running on a PC (i.e. not running on a Windows Mobile device). This code: string connstr = "Data Source=\"" + filename + "\";Persist Security Info=False;"; System.Data.SqlServerCe.SqlCeEngine engine = new SqlCeEngine(connstr); engine.CreateDatabase(); ... works fine on any PC that has SQL Server 2005 installed, but fails on any PC that doesn't have it installed. I'm trying to find out if there's any way to get this to work without installed SQL Server 2005 on the machine.

  Read the article

• Firefox window.parent.location

  - by Mustafa Magdy

  I've a Html page index.htm which has an iframe to page search.htm the search.htm has code like this function executeSearch() { window.parent.location = "/SearchResults.aspx?t=" + txt_Search.value; } this code executed now from index.htm page and it works great on IE and Chrome, but not FireFox ... is there any work around ?? I tried window.parent.location.href, window.opener.location, window.parent.document.location ... but nothing of those worked. after searching the web i found some one with similar prob he said that this is a security settings in Firefox ... is this true?? and if so is there any workaround ?

  Read the article

• Accessing an RSS feed in Flex, works when run from Flash Builder 4, but not when the project is onli

  - by ben

  Hey guys, In my Flex 4 app, I access an RSS feed (I'm using http://news.ycombinator.com/rss as a dummy). It works okay when I run it from Flash Builder 4, but if I export the project and upload it, I get the following error when it tries to load the RSS feed: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: my_website_url cannot load data from http://news.ycombinator.com/rss. What could be causing this error? Shouldn't RSS be able to be accessed from anywhere? Thanks for reading.

  Read the article

• Delete MSMQ Queue During Uninstall

  - by Todd Kobus

  Is it possible to delete a private message queue that was created by the service user? During uninstallation, we would like to clean up any message queues created by our application. For security purposes, access to these queues has been restricted to the current user (ServiceUser). During uninstall, we have admin privileges, but still get an access denied MessageQueueException when we attempt to delete the queue or modify the privs on the queue. Here is the cleanup code: public void DeleteAppQueues() { List<string> trash = new List<string>(); var machineQueues = MessageQueue.GetPrivateQueuesByMachine("."); foreach (var q in machineQueues) { if (IsAppQueue(q.QueueName)) { trash.Add(".\\" + q.QueueName); } q.Dispose(); } foreach (var queueName in trash) { try { using (MessageQueue delQueue = new MessageQueue(queueName)) { delQueue.SetPermissions("Everyone", MessageQueueAccessRights.FullControl, AccessControlEntryType.Allow); } MessageQueue.Delete(queueName); } catch (MessageQueueException ex) { // ex.Message is "Access to Message Queuing system is denied." } } }

  Read the article

• NoSQL for concurrent reads/writes

  - by Mickael Marrache

  After getting some performance issues for an application using a MySQL database, I'm thinking of using NoSQL solutions. My architecture is as follows: One application receives messages from the network at a high throughput (i.e. 50000 messages/sec). Each message is stored in the DB, so it's important for the write rate to be as fast as the arrival rate. Then, I also have some PHP pages that accesses the DB to get the data stored by the other application. It's important for me that the retrieved data is as relevant as possible (i.e. not old data, let's say not more than 5 seconds old). Also, the data is not critical, so I don't need any security mechanism to avoid losing the data. I see there are a lot of NoSQL solutions, but I don't know if they are all relevant. Could you please provide me some directions. Thanks

  Read the article

• Using an IN clause in Vb.net to save something to the database using SQL

  - by Rob

  I have a textbox and a button on a form. I wish to run a query (in Vb.Net) that will produce a query with the IN Values. Below is an example of my code myConnection = New SqlConnection("Data Source=sqldb\;Initial Catalog=Rec;Integrated Security=True") myConnection.Open() myCommand = New SqlCommand("UPDATE dbo.Recordings SET Status = 0 where RecID in ('" & txtRecID.Text & "') ", myConnection) ra = myCommand.ExecuteNonQuery() myConnection.Close() MsgBox("Done!", _ MsgBoxStyle.Information, "Done") When I enter a single value it works but when I enter values with commas it throws an error: "Conversion failed when converting the varchar value '1234,4567' to data type int." Could someone please help me to solve this or if there is an alternative way? Many Thanks

  Read the article

• Data Warehouse: One Database or many?

  - by drrollins

  At my new company, they keep all data associated with the data warehouse, including import, staging, audit, dimension and fact tables, together in the same physical database. I've been a database developer for a number of years now and this consolidation of function and form seems counter to everything I know. It seems to make security, backup/restore and performance management issues more manually intensive. Is this something that is done in the industry? Are there substantial reasons for doing or not doing it? The platform is Netezza. The size is in terabytes, hundreds of millions of rows. What I'm looking to get from answers to this question is a solid understanding of how right or wrong this path is. From your experience, what are the issues I should be focused on arguing if this is a path that will cause trouble for us down the road. If it is no big deal, then I'd like to know that as well.

  Read the article

• How can I receive messages using over http without MSMQ

  - by pduncan

  I need a reliable messaging framework that runs over http/https (due to client security requirements) and that doesn't use MSMQ (because some clients will use Windows XP Home). The clients only need to be able to receive messages, not send them. We already have a message queue on the server for each user, and the receivers have been getting messages by connecting to an HttpHandler on the server and getting a Stream from WebResponse.GetResponseStream() We keep this stream open, and pull messages off of it using Stream.Read(). This MOSTLY works, but Stream.Read() is a blocking call, and we can't reliably interrupt it. We need to be able to stop and start the receiver without losing messages, but the old stream often hangs around, even after we call Thread.Abort on its thread. Any suggestions?

  Read the article

• Remote desktop connection to Raspberry Pi without specifying a port

  - by Max Methot

  I have a Raspberry Pi running Raspbian Wheezy connected in "Site A", where the network is managed by a third party company and where all ports are closed the the Internet (for security reasons). So, there is no way for me to do any port forwarding to VNC, nor SSH or anything else. That means I just can't access it in any way other than locally, on-site. However, I need to connect to that device on the X Desktop session (graphical interface) to do some maintenance, and I am located in let's say "Site B", which is nearly 300 miles away from site A. I know you can do such tasks on Windows or x86 Linux computers with TeamViewer (we use it for our other hardware in the same location and it works like a charm), but since the Raspberry Pi is based on an ARM architecture, it isn't supported by TeamViewer yet. If anyone has ever achieved this, I would be glad to hear how to do it! Thanks!

  Read the article

• server.sh gives me following error Exception"main" java.lang.NoClassDefFoundError:

  - by NickNaik

  i am trying to start the "Program D" from the terminal, command in terminal "sh server.sh" gives me following error Starting Alicebot Program D. Exception in thread "main" java.lang.NoClassDefFoundError: org/alicebot/server/net/AliceServer Caused by: java.lang.ClassNotFoundException: org.alicebot.server.net.AliceServer at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) My Server.sh file ALICE_HOME=.SERVLET_LIB=lib/servlet.jar ALICE_LIB=lib/aliceserver.jar JS_LIB=lib/js.jar # Set SQL_LIB to the location of your database driver. SQL_LIB=lib/mysql_comp.jar # These are for Jetty; you will want to change these if you are using a different http server. HTTP_SERVER_LIBS=lib/org.mortbay.jetty.jar:lib/javax.xml.jaxp.jar:lib/org.apache.crimson.jar PROGRAMD_CLASSPATH=$SERVLET_LIB:$ALICE_LIB:$JS_LIB:$SQL_LIB:$HTTP_SERVER_LIBS java -classpath $PROGRAMD_CLASSPATH -Xms64m -Xmx64m org.alicebot.server.net.AliceServer $1

  Read the article

• Where are the best locations to write an error log in Windows?

  - by Keith Sirmons

  Where would you write an error log file, say ErrorLog.txt, in Windows? Keep in mind the path would need to be open to basic users for file write permissions. I know the eventlog is a possible location for writing errors, but does it work for "user" level permissions? EDIT: I am targeting Windows 2003, but I was posing the question in such a way as to have a "General Guideline" for where to write error logs. As for the EventLog, I have had issues before in an ASP.NET application where I wanted to log to the Windows event log, but I had security issues causing me heartache. (I do not recall the issues I had, but remember having them.)

  Read the article

• How can I use the Scala program schema2src?

  - by pr1001

  This perhaps more a Server Fault question... I installed schema2src via sbaz and now I would like to convert a DTD (Apple's plist schema) to Scala source. $ schema2src usage: schema2src [flags] --module mname arg* or schema2src dtd arg* or (experimental) schema2src xsd arg* (this doesn't work at all yet) where supported [flags] may be: --verbose prints some debugging information However, if I try give any argument, it appears it can't find Scala: $ schema2src --verbose Exception in thread "main" java.lang.NoClassDefFoundError: scala/runtime/BoxesUtility at schema2src.Main$.processArgs(Main.scala:56) at schema2src.Main$.main(Main.scala:25) at schema2src.Main.main(Main.scala) Caused by: java.lang.ClassNotFoundException: scala.runtime.BoxesUtility at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:315) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:330) at java.lang.ClassLoader.loadClass(ClassLoader.java:250) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:398) ... 3 more I have scala in my PATH... Any suggestions? Assuming that problem can be fixed, is this the correct syntax? $ schema2src PropertyList-1.0.dtd

  Read the article

< Previous Page | 401 402 403 404 405 406 407 408 409 410 411 412  | Next Page >