Search Results

Search found 13810 results on 553 pages for 'security roles'.

Page 432/553 | < Previous Page | 428 429 430 431 432 433 434 435 436 437 438 439  | Next Page >

• Can I using cross-site XmlHttpRequest in Itunes LP environment?

  - by jameulrich

  Itunes is based on Webkit platform and we can't use cross-site XmlHttpRequest in JavaScript because of security policy. But, as a exception, we can do that with a special header. Here is source code and I did it successfully in Safari: /////////////// var url = 'http://mysite.net/canvas.php'; var mybody = "Arun"; var http = new XMLHttpRequest(); http.open("POST", url, true); http.setRequestHeader("X-PINGOTHER", "pingpong"); http.setRequestHeader('Content-Type', 'application/xml'); http.setRequestHeader("Content-length", mybody.length); http.setRequestHeader("Connection", "close"); http.send(mybody); /////////////// I sent xml data to my server and get return response successfully in Safari browser but i can't do it in iTunes LP environment. So what is the problems?

  Read the article

• Is it secure to use malloc?

  - by Felix Guerrero

  Somebody told me that allocating with malloc is not secure anymore, I'm not a C/C++ guru but I've made some stuff with malloc and C/C++. Does anyone know about what risks I'm into? Quoting him: [..] But indeed the weak point of C/C++ it is the security, and the Achilles' heel is indeed malloc and the abuse of pointers. C/C++ it is a well known insecure language. [..] There would be few apps in what I would not recommend to continue programming with C++."

  Read the article

• building a website

  - by Ant

  Not sure if this is the right place to post this, or if it should be under programmers.stackexchange... Anywho, a couple of my friends run a business and they asked me to build them a public website. It will only be used for information about the company with soe pictures. No transactions will be involved. Right now I work for a company where I build internal websites, and do alot of backend programming in C#. I understand html, css, jquery, etc. so I feel like I am completely capable of building a website for them. However, I do not know all the basic knowledge to building one. For example, where should we host the files, what type of security issues do I need to be aware of, what's the best software to use for developing websites (I use visual studio at work), where can I find some design techniques, etc. Any help is appreciated.

  Read the article

• Mobile Application Upgrade/Update Framework

  - by sharjeel

  I am developing a few mobile apps for different platforms including Blackberry, Windows Mobile, Android and Symbian S60. I want my mobile apps to have the capability of checking for updates before starting and in case a new version is available, prompt the user to upgrade. Moreover in certain cases (like security patches), the user must be forced to update or the app won't work. Surely I can cook some code to achieve the task but I was wondering if there are already existing framework to serve the purpose so that I don't have to re-invent the wheel and test all over?

  Read the article

• Applet problem with IPlanet and Firefox (class not found)

  - by JB Hurteaux

  I have an applet which loads nicely when accessed locally (both IE and Firefox). However, when I put my webpage in a webserver (local IPlanet), it refuses to load on Firefox (but still fine on IE). I get the following error in the java console: load: class XXX.localprinting.LocalPrintingApplet.class not found. java.lang.ClassNotFoundException: XXX.localprinting.LocalPrintingApplet.class at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.io.IOException: open HTTP connection failed:https://XXX/test/XXX/localprinting/LocalPrintingApplet/class.class at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) ... 7 more Exception: java.lang.ClassNotFoundException: XXX.localprinting.LocalPrintingApplet.class Any idea what could explain the different behavior in the webserver? I researched the issue of "class not found" already but without finding something relevant.

  Read the article

• Is it possible to expose an API for my own WebSite ... but use oAuth for the api authentication?

  - by Pure.Krome

  Hi Folks, currently I expose an api for my website. Works great .. and i use Basic Authentication to authenticate users to get access to the data. eg. http://www.MyWebSite.com <-- main site. http://api.MyWebSite.com <-- my api website. sample api RESTful url http://user1:[email protected]/games?type=battlefield2 (yes yes i know browsers stop people from putting in user1:pass1 (Basic Auth) into the url directly .. cause of security . but it's to highlight that we're using Basic Auth)). So .. how can i do this with oAuth?

  Read the article

• Ask StackOverFlow : Canny a LightWeight Authorization library in Java

  - by eltados

  In the course of my work i need to develop an authorization engine ( i'm already authenticated and i check access of a user to an action ) in order to store all the authorization logic inside a same place and be able to reuse it and i have created the mini library. http://github.com/eltados/canny (updated) what do you think about it? What are the limits of my approch ? Do you understand the benefit or it? Is there any lightweight Authorization engine library i could have a look at? I had a look at spring security and it does not really answer my requirement. The main idea is that i want to be able to reuse the same code to controll access in the controllers and the views.

  Read the article

• How to retrieve all errors and messages from a query using ADO

  - by Johan Levin

  When a SQL batch returns more than one message from e.g. print statements, then I can only retrieve the first one using the ADO connection's Errors collection. How do I get the rest of the messages? If I run this script: Option Explicit Dim conn Set conn = CreateObject("ADODB.Connection") conn.Provider = "SQLOLEDB" conn.ConnectionString = "Data Source=(local);Integrated Security=SSPI;Initial Catalog=Master" conn.Open conn.Execute("print 'Foo'" & vbCrLf & "print 'Bar'" & vbCrLf & "raiserror ('xyz', 10, 127)") Dim error For Each error in conn.Errors MsgBox error.Description Next Then I only get "Foo" back, never "Bar" or "xyz". Is there a way to get the remaining messages?

  Read the article

• WCF: connecting to service over internet times out

  - by Shaul

  Still on the WCF learning curve: I've set up a self-hosted WCF Service (WSDualHttpBinding), which works fine on my own computer, which resides behind a firewall. If I run the client on my own computer, everything works great. Now I installed the client on a computer outside my network, and I'm trying to access the service via a dynamic DNS, like so: http://mydomain.dyndns.org:8000/MyService. My port forwarding issues were taken care of in a previous question; I can now see the service is up in my browser. But now when I try to run the client on the other machine, I get the following error message: "The open operation did not complete within the allotted timeout of 00:01:00. The time allotted to this operation may have been a portion of a longer timeout." I have disabled security on the service, so that's not it. What else might be preventing the connection from happening?

  Read the article

• Are there any e-commerce websites that use NoSQL databases

  - by Saif Bechan

  I have read a lot lately about 'NoSQL' databases such as CouchDB, MongoDB etc. Most of the websites I have seen using this are mainly text based websites such as The New York Times and Source forge. I was wondering if you could apply this to websites where payment is a huge issue. I am thinking of the following issues: How well can you secure the data Do these system provide an easy backup/restore machanism How are transactions handled commit/rollback I have read the following articles that cover some aspects: Can I do transactions and locks in CouchDB? Pros/Cons of document based database vs relational database In these posts the aspect of transactions if covered. However the questions of security and backups is not covered. Can someone shed some light on this subject? And if possible, does anyone know of some e-commerce websites that have successfully implemented the document based database.

  Read the article

• How to find what ActiveX control is referred on a web page?

  - by Sly

  I have developed a web application (ASP.NET Web Forms). One of my customer has very restrictive policies. When he accesses the web page, IE shows this message: Your security settings do not allow Web sites to use ActiveX controls installed on your computer. This page may not display correctly. As far as I know, we don't use ActiveX controls on our page. I did a "View Souce" and did not find anything suspect. How can I find what part of my page refers to an ActiveX. The application uses jQuery and a few jQuery plug-ins. Is there a tool/add-in like "Fire Bug" that I can use to list the ActiveX controls referred on a page?

  Read the article

• Symfony 2 - UrlGenerator::doGenerate is called before listener

  - by guyaloni

  I want to add to the context a parameter, so when login is called I can use it in the route (similar to _locale). I can add this piece of code in HttpUtils.php (as resetLocale), but i don't find it very clean. The reason I need it is the firewall redirection to the login controller, which I would like to have in its route a customized parameter. My problem is that my listener is called after UrlGenerator::doGenerate is called, so I get a MissingMandatoryParametersException. Here is my config.yml relevant code: services: mycompany.demobundle.listener.request: class: MyCompany\DemoBundle\RequestListener arguments: [@router, @security.context] tags: - { name: kernel.event_listener, event: kernel.request, method: onKernelRequest } Any idea???

  Read the article

• Django or Drupal, which one should I use that suits best my needs ?

  - by HJ-INCPP

  Hello, I want to learn and use Drupal or Django for the following: dynamic web sites, medium database, multi-level users, paypal integration, content managment, speed (developing), security I like MVC, ORM and object-oriented prg. Which is better to jump into ? Which one is more mature, powerful, understandable, object-oriented and easier to use by the time ? What about Python Spring ... Also, which of these 3 are better documented, are better for a cv and have more extensions? Known languages: php, java, mysql Thank you !

  Read the article

• Sanitize HTML before storing in the DB or before rendering? (AntiXSS library in ASP.NET)

  - by user102533

  I have an editor that lets users add HTML that is stored in the database and rendered on a web page. Since this is untrusted input, I plan to use Microsoft.Security.Application.AntiXsSS.GetSafeHtmlFragment to sanitize the HTML. Should I santiize before saving to the database or before rendering the untrusted input into the webpage? Is there an advantage in including the AntiXSS source code in my project instead of just the DLL? (Maybe I can customize the white list?) Which class file should I look in for actual implementation of the GetSafeHtmlFragment

  Read the article

• Facebook Api - Local development, Testserver, Liveserver ... How?

  - by Thijs Kaspers

  I'm working on a new website that uses the Facebook API for users to login and several implementations of the graph Api. My workflow usually is: Development on localhost Development using MAMP/XAMPP or similar software Push to server - testing domain A team of people can test the changes for a few days to see if everything works as planned. Push to server - live domain Changes are live for public Facebook uses the site URL in the appsettings and for security reasons, they will only redirect to that url... Problem is.. I have localhost and 2 different domains. How can I make this work? Ofcourse I could edit the hostsfile, but that only fixes it for localhost.. Still no solution for the testdomain. Please tell me this is somehow possible! I'm getting more and more depressed with the Facebook API.

  Read the article

• Is it possible to use Integrated Windows Auth when Server isn't on the domain?

  - by jskentzos

  Our production web servers ARE NOT part of the domain, but we'd like people to be able to log in automatically since they are logged into the domain on their PC. Is there anyway to get the browser (IE7+) to send the appropriate information to the server (IIS6) so I can retrieve the ServerVariables["AUTH_USER"] or ServerVariables["LOGON_USER"]? I presume the answer is no since if I set the security for windows auth to "on" and anonymous access to "off", then the server wouldn't know what do do with any user information for a domain which it has no knowledge of. I just want to know for sure before I give the SSO team a "not possible" answer.

  Read the article

• UNC path to a folder on my local computer

  - by xt_20

  Hi all, What's the UNC path to a folder on my local computer, and how can I access it? I have tried: 1. Security for the folder -- set to Everyone Full Control (for now!) 2. Sharing permissions -- set to Everyone Full Control (for now!) I can see the folder in \, but can't go in ( is not accessible.) Error message: "You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access pernmissions. The network location cannot be reached. For information about network troubleshooting, see Windows Help." My computer is not connected to a network.

  Read the article

• How to connect to a SQLite database in iphone

  - by Lee

  I am attempting converting an application from VB6 to an iphone app. In the VB version, the database is in Access. But, I have read that I need to convert it to SQLite. How I amend the following code to switch from Access to SQLite? cnList = new ADODB.Connection(); rsList = new ADODB.Recordset(); cnList.Provider = "Microsoft.Jet.OLEDB.4.0;"; cnList.ConnectionString = "Persist Security Info=False;"+CString("Data Source=cbe.mdb"); cnList.Open();

  Read the article

• Scoping in embedded groovy scripts

  - by Aaron Digulla

  In my app, I use Groovy as a scripting language. To make things easier for my customers, I have a global scope where I define helper classes and constants. Currently, I need to run the script (which builds the global scope) every time a user script is executed: context = setupGroovy(); runScript( context, "global.groovy" ); // Can I avoid doing this step every time? runScript( context, "user.groovy" ); Is there a way to setup this global scope once and just tell the embedded script interpreter: "Look here if you can't find a variable"? That way, I could run the global script once. Note: Security is not an issue here but if you know a way to make sure the user can't modify the global scope, that's an additional plus.

  Read the article

• Pass HTML form entries into a Javascript array to then be written to a client side cookie?

  - by Tom

  I'm building a bit of a test-case JS application, something very basic, but have run into some problems. I'm trying to use a HTML form for a user to enter a number, which is then written to a Javascript Array. The user then has the option to write that same array to a local (client side) cookie. (I understand the security implications of this - it's a test-case and not for commercial use.) However, I can't make the connection - how can I capture the HTML entry, press 'submit' which will send it to a JS array, where the user can then press a different 'submit' which will write the array to a text file? If anyone can help I'd appreciate it because it's been nearly 6 hours and it's not funny anymore.

  Read the article

• How do I make a hyperlink to a local executable?

  - by Scott Ferguson

  We have an Intranet website, and a WPF windows executable installed on every workstation. How can we create a hyperlink on the intranet website that will launch the locally installed executable? Ideally we want the launch to be seamless. Is there a way of setting the browsers trust settings so that it won't display a security warning dialog for this executable? We have full admin capabilities on each workstation, and each user only uses Internet Explorer. We also know the correct local path for the exe.

  Read the article

• Group SQL tables in Microsoft SQL Server Management Studio object explorer

  - by MainMa

  I have a table which has approximately sixty tables, and other tables are added constantly. Each table is a part of a schema. A such quantity of tables makes it difficult to use Microsoft SQL Server Management Studio 2008. For example, I must scroll up in object explorer to access database related functions, or scroll down each time I need to access Views or Security features. Is it possible to group several tables to be able to expand or collapse them in Object Explorer? Maybe a folder may be displayed for each schema, letting collapse the folders I don't need to use?

  Read the article

• Running a Java process in Windows even after the user is logged out

  - by Mani

  I have a batch file that starts a Java process in a Windows 2003 server. As per the security policy, the users of that machine are logged off forcefully, if the user is inactive for a certain period of time. The problem is that when the user is logged out, the process also dies. I scheduled a new task (Control Panel - Scheduled Tasks) and selected the option of 'When my computer starts' and gave the user account details there. But it doesn't seem to have any effect, the user is still logged out and the process dies. Is a reboot necessary to make this change effective? And after the reboot, will I achieve what I'm expecting (keeping the process alive)? Alternatively, will running this process as a Windows Service solve the problem? If so, can you please let me know how I can make a Java program or a batch file to run as a Windows Service? I would prefer not to use any other third party tools or libraries. Thanks

  Read the article

• Wordpress & Django -- One domain, two servers. Possible?

  - by DomoDomo

  My question is about hosting Django and Wordpress under one domain, but two physical machines (actually, they are VMs but same diff). Let's say I have a Django webapp at example.com. I'd like to start a Wordpress blog about my webapp, so any blog page rank mojo flows back to my webapp, I'd like the blog address t be example.com/blog. My understanding is blog.example.com would not transfer said page rank mojo. Because I'm worried about Wordpress security flaws compromising my Django webapp, I want to host Django and Wordpress on two physically separate machines. Given all that, is it possible using re-write rules or a reverse proxy server to do this? I know the easy way is to make my Wordpress blog a subdomain, but I really don't want to do that. Has anyone done this in the past, is it stable? If I need a third server to be a dedicated reverse proxy, that's totally fine. Thanks!

  Read the article

• buffer overflow with boost::program_options

  - by f4

  Hello, I have a problem using boost:program_options this simple program, copy-pasted from boosts' documentation : #include <boost/program_options.hpp> int main( int argc, char** argv ) { namespace po = boost::program_options; po::options_description desc("Allowed options"); desc.add_options() ("help", "produce help message") ("compression", po::value<int>(), "set compression level") ; return 0; } fails with a buffer overflow. I have activated the "buffer security switch", and when I run it I get an "unknown exception (0xc0000409)" when I step over the line desc.add_options()... I use Visual Studio 2005 and boost 1.43.0. By the way it does run if I deactivate the switch but I don't feel comfortable doing so... unless it's possible to deactivate it locally. So do you have a solution to this problem? EDIT I found the problem I was linking against libboost_program_options-vc80-mt.lib which wasn't the good library.

  Read the article

< Previous Page | 428 429 430 431 432 433 434 435 436 437 438 439  | Next Page >