Search Results

Search found 3528 results on 142 pages for 'safe'.

Page 98/142 | < Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105  | Next Page >

• Removing unused selectors in a CSS stylesheet?

  - by Legend

  I've been developing a web app for a few weeks now and ended up with about a 1000 lines. I am sure not all the selectors are being used and am trying to clean it up. At the same time, I don't want to do it manually for obvious reasons. Is there a safe and an efficient way to remove unused selectors? For this, am I supposed to navigate the entire website to let it know which selectors are not being used? (I use javascript to add some selectors so these might not show up until a particular usecase is seen)

  Read the article

• Would you make this method Static or not?

  - by Adam Drummond

  During a code review I presented a method quickly to the team that I had made static and one person agreed that there was no reason for it to not be static and a person disagreed saying that he would not make it static because it wasn't necessary and just to be on the safe side for future modifications and testing. So I did quite a bit of research and obviously it's a specialized case but I would like to know what you would do in this situation and why? (Its basically a helper method I call from a few different methods, a very low traffic page. More for my knowledge and learning on Static.) private IEnumerable<Category> GetCategoryByID(int id, Context context) { var categoryQuery = from selectAllProc in context.SelectAll_sp() where selectAllProc.CategoryID == id select selectAllProc; return categoryQuery; }

  Read the article

• How to assess the risk of a java version upgrade?

  - by Roy Tang

  I'm being asked to assess whether we can safely upgrade the java version on one of our production-deployed webapps. The codebase is fairly large and we want to avoid having to regression test everything (no automated tests sadly), but we've already encountered at least one problem during some manual testing (XmlStringReader.getLocalName now throws an IllegalStateExeption when it just used to return null) and higher-ups are pretty nervous about the upgrade. The current suggested approach is to do a source compare of the JDK sources for each version and assess those changes to see which ones might have impact, but it seems there's a lot of changes to go through (and as mentioned the codebase is kinda large). Is it safe and easier to just review the java version changes for each version? Or is there an easier way to conduct this assessment? Edit: I forgot to mention the version upgrade being considered is a minor version upgrade, i.e. 1.6.10 to 1.6.33

  Read the article

• Encrypting password in compiled C or C++ code

  - by Daniel

  Hello!, I know how to compile C and C++ Source files using GCC and CC in the terminal, however i would like to know if its safe to include passwords in these files, once compiled. For example.. i check user input for a certain password e.g 123, but it appears compiled C/C++ programs is possible to be decompiled. Is there anyway to compile a C/C++ source file, while keeping the source completely hidden.. If not, could anyone provide a small example of encrypting the input, then checking against the password e.g: (SHA1, MD5)

  Read the article

• Aren't passwords written in inputbox vulnerable through a stack trace ?

  - by loursonwinny

  Hello, I am not a guru of the stack tracing, at all. I even don't know how to get some. Anyway, I am wondering if entering a password entered in an inputbox is safe. Can't it be retrieved by getting a stack trace ? A password entered that way will be found in many places : Caption property of the TEdit Result of the function which creates the inputbox probably, a variable that stores the Result of the InputBox Command etc... If the answer is "yes, it is a vulnerability", then my world collapses :p. What can be done to avoid that vulnerability hole ? NOTE : The InputBox is an example but it can be with a "homebrewed" login prompt. InputBox is a Delphi command but I haven't tagged the question with the Delphi tag because I suppose that the question concerns any language. Thanks for reading

  Read the article

• How do I handle user authorization the safest way?

  - by Irro

  I'm developing a small website where I'm going to allow user to create accounts but I'm quite clueless when it comes to safety around authorizations. I have built my project in PHP with codeigniter and found a library (Tank Auth) that could handle authorization for me. It stores password in a safe way but I'm still worried about the part when the user sends their password to my server. One easy way to do it would be to send the password in a post-request but I would guess that it's quite easy to sniff such a password. Should I do something with the password on the client side before sending it to my server? And is there any good javascript libraries for this?

  Read the article

• How to protect access to a url?

  - by ibiza

  I would need to create a php file that will do some work on my webserver and that will be called from a program on another server over the internet. Suppose the php file that will do the work is located at www.example.com/work.php What is the best way to protect unsollicited calls to the www.example.com/work.php? What I need is some mechanism so that when the intended program accesses the url (with some query string parameters), the work gets done, but if somebody type www.example.com/work.php in their browser, access will be denied and no work will be done. The way I've thought is to add some 'token' in the querystring that would be constructed by some algorithm from the calling program, a sample result could be to append to the url : ?key=randomKeyAtEachCall&token=SomeHexadecimalResultCalculatedFromTheKey and the key and token would be validated with a reverse algorithm on the php side. Is that safe, Are there any better idea?

  Read the article

• Transaction within transaction

  - by user281521

  Hello, I want to know if open a transaction inside another is safe and encouraged? I have a method: def foo(): session.begin try: stuffs except Exception, e: session.rollback() raise e session.commit() and a method that calls the first one, inside a transaction: def bar(): stuffs try: foo() #<<<< there it is :) stuffs except Exception, e: session.rollback() raise e session.commit() if I get and exception on the foo method, all the operations will be rolled back? and everything else will work just fine? thanks!!

  Read the article

• Can I use memcpy in C++ to copy classes that have no pointers or virtual functions

  - by Shane MacLaughlin

  Say I have a class, something like the following; class MyClass { public: MyClass(); int a,b,c; double x,y,z; }; #define PageSize 1000000 MyClass Array1[PageSize],Array2[PageSize]; If my class has not pointers or virtual methods, is it safe to use the following? memcpy(Array1,Array2,PageSize*sizeof(MyClass)); The reason I ask, is that I'm dealing with very large collections of paged data, as decribed here, where performance is critical, and memcpy offers significant performance advantages over iterative assignment. I suspect it should be ok, as the 'this' pointer is an implicit parameter rather than anything stored, but are there any other hidden nasties I should be aware of?

  Read the article

• Can I use WCF NET.TCP Protocol from Silverlight 4 for a public website ?

  - by pixel3cs

  Does anyone know if the new NET.TCP feature of Silverlight 4 can be used for public websites ? From what I know, in the Silverlight 4 Beta they announced that WCF NET.TCP can only be used for intranet applications. The reason I am asking this is because I want to recode my Silverlight multiplayer chess game (build with SL 3 Sockets support) based on the new SL 4 WCF TCP communication protocol. My Socket implementation is build from scratch and have big issues with thread safe and few unsolvable bugs from my side. I am sure that SL 4 team did a great job and they simplified all hard part for me, letting us, developers, concentrate more on the game code instead on underlying communication layers.

  Read the article

• STL deque accessing by index is O(1)?

  - by jasonline

  I've read that accessing elements by position index can be done in constant time in a STL deque. As far as I know, elements in a deque may be stored in several non-contiguous locations, eliminating safe access through pointer arithmetic. For example: abc-defghi-jkl-mnop The elements of the deque above consists of a single character. The set of characters in one group indicate it is allocated in contiguous memory (e.g. abc is in a single block of memory, defhi is located in another block of memory, etc.). Can anyone explain how accessing by position index can be done in constant time, especially if the element to be accessed is in the second block? Or does a deque have a pointer to the group of blocks? Update: Or is there any other common implementation for a deque?

  Read the article

• MD5 password twice

  - by NoviceCoding

  I know MD5's safety is under question lately and this is the reason a lot of people are using salt (I dont understand this at all btw) but I was wondering if you wanted to easily implement a safe system in php can you just md5 something twice? like test 098f6bcd4621d373cade4e832627b4f6 fb469d7ef430b0baf0cab6c436e70375 So basically: $val = 'test'; $val = md5($val); $val = md5($val); Would that solve the whole rainbow security stuff? Is there an easy/noob proof way of making secure database passwords in php?

  Read the article

• How to recalculate primary index?

  - by JohnM2

  I have table in mysql database with autoincrement PRIMARY KEY. On regular basis rows in this table are being deleted an added. So the result is that value of PK of the latest row is growing very fast, but there is not so much rows in this table. What I want to do is to "recalculate" PK in this way, that the first row has PK = 1, second PK = 2 and so on. There are no external dependencies on PK of this table so it would be "safe". Is there anyway it can be done using only mysql queries/tools? Or I have to do it from my code?

  Read the article

• How do to check to see if the user has a Google account.

  - by skrat

  Is there any safe way to detect, on a web page, client side (JS), whether user has an Google/Yahoo/Live/? account? I know about some suspicious ways to do this by styling visited links and then sneaking on computed style attribute, but it's more of a hack, Mozilla and maybe other are planning to crack down on this, as it might be abused. But I need this to allow users more integration with their identity providers, like: Have a Google account? ~ load contacts for sharing from Google Contacts API Have an Yahoo account? ~ load contacts for sharing from Yahoo Contacts API none of the above? show no link I don't want to provide all these options to all visitors, would be nice if I can detect the account, and provide integration only in that case.

  Read the article

• c# Create a unique name with a GUID

  - by Dave Rook

  I am creating a back up solution. I doubt there is anything new in what I'm trying to achieve. Before copying the file I want to take a backup of the destination file in case anything becomes corrupt. This means renaming the file. I have to be careful when renaming in case the file already exists and adding a 01 to the end is not safe. My question is, based upon not finding the answer else where, would adding a GUID to the file name work. So, if my file was called file01.txt, renaming the file to file01.txtGUID (where GUID is the generated GUID), I could then perform my back up of that file (at this instance having 2 back ups) and then, after ensuring the file has copied (by comparing length of file to the source), delete the file with the GUID in the name. I know the GUID is not 100% guaranteed to be unique but would this suffice?

  Read the article

• Can Parallel.ForEach be used safely with CloudTableQuery

  - by knightpfhor

  I have a reasonable number of records in an Azure Table that I'm attempting to do some one time data encryption on. I thought that I could speed things up by using a Parallel.ForEach. Also because there are more than 1K records and I don't want to mess around with continuation tokens myself I'm using a CloudTableQuery to get my enumerator. My problem is that some of my records have been double encrypted and I realised that I'm not sure how thread safe the enumerator returned by CloudTableQuery.Execute() is. Has anyone else out there had any experience with this combination?

  Read the article

• Why is the 'this' keyword not a reference type in C++ [closed]

  - by Dave Tapley

  Possible Duplicates: Why ‘this’ is a pointer and not a reference? SAFE Pointer to a pointer (well reference to a reference) in C# The this keyword in C++ gets a pointer to the object I currently am. My question is why is the type of this a pointer type and not a reference type. Are there any conditions under which the this keyword would be NULL? My immediate thought would be in a static function, but Visual C++ at least is smart enough to spot this and report static member functions do not have 'this' pointers. Is this in the standard?

  Read the article

• How to build a builder dynamically with escaped values

  - by dorelal

  Now I know how to build xml without escaping values. http://stackoverflow.com/questions/2693036/how-to-tell-bulider-to-not-to-escape-values However I need to build tags dynamically. Desired result <bank_info>Chase</bank_info> What I have is attr = 'bank_info' builder = Builder::XmlMarkup.new builder.attr { |x| x << 'bank_info' } # does not work I can try making the whole thing as a giant string and eval that. But evaling is not that safe. Is there a better option that I am missing.

  Read the article

• Can I assume Flash and PHP will generate the same floating point numbers?

  - by Fragsworth

  In a multiplayer game I'm developing, we have a few values that are floating point numbers. The back-end (in PHP) and the front-end (in Flash) occasionally perform the same calculations on these numbers, to minimize communication. I am currently making sure that both sides are using 64-bit doubles, but am I safe to assume that all calculations will be the same? For instance, what about string to float conversion - should I worry about Flash having a potentially different implementation as PHP? (If this happens, our game will go out of sync - the client will think it is in one state while the server is in another) With some testing, it appears to be the same, but I'm just not sure. Can someone clarify this for me?

  Read the article

• PHP Security checklist (injection, sessions etc)

  - by NoviceCoding

  So what kind of things should a person using PHP and MySql be focused on to maximize security. Things I have done: -mysql_real_escape_string all inputs -validate all inputs after escaping em -Placed random alpha numerics before my table names -50character salt + Ripemd passwords Heres where I think I am slacking: -I know know nothing about sessions and securing them. How unsafe/safe is it if all you are doing is: session_start(); $_SESSION['login']= $login; and checking it with: session_start(); if(isset($_SESSION['login'])){ -I heard something about other forms of injection like cross site injection and what not... -And probably many other things I dont know about. Is there a "checklist"/Quicktut on making php secure? I dont even know what I should be worried about.I kinda regret now not building off cakephp since I am not a pro.

  Read the article

• Why does Visual Studio's "Unused References..." button not flag System.Xml and System.Xml.Linq?

  - by mcjabberz

  I was trying to finish up a VB.NET class library project when I tried to remove all unused references. I know for a fact that I'm not explicitly using any thing from the System.Xml and System.Xml.Linq assemblies yet the "Unused References..." button never flags them for removal. In fact I even tried "Unused References..." on a blank project and it still never flagged them. The only reason I could think of is that either mscorlib.dll or System.dll is using System.Xml.dll or System.Xml.Linq.dll. Are they safe to remove?

  Read the article

• Java - Thread safety of ArrayList constructors

  - by andy boot

  I am looking at this piece of code. This constructor delegates to the native method "System.arraycopy" Is it Thread safe? And by that I mean can it ever throw a ConcurrentModificationException? public Collection<Object> getConnections(Collection<Object> someCollection) { return new ArrayList<Object>(someCollection); } Does it make any difference if the collection being copied is ThreadSafe eg a CopyOnWriteArrayList? public Collection<Object> getConnections(CopyOnWriteArrayList<Object> someCollection) { return new ArrayList<Object>(someCollection); }

  Read the article

• iphone threading speed up startup of app

  - by BahaiResearch.com

  I have an app that must get data from the Sqlite database in order to display the first element to the User. I have created a domain object which wraps the DB access and is a thread safe singleton. Is this following strategy optimal to ensure the fastest load given the iPhone's file access and memory management capabilities in threaded apps: 1) In the AppDelegate's FinishedLaunching event the very first thing I do is create the domain singleton within a new thread. This will cause the domain object to go to Sqlite and get the data it needs without locking the UI thread. 2) I then call the standard Window methods to add the View and MakeKeyAndVisible etc. Is there an earlier stage in the AppDelegate where I should fire off the thread that creates the Domain Object and accesses Sqlite?

  Read the article

• Established javascript solution for secure registration & authentication without SSL

  - by Tomas

  Is there any solution for secure user registration and authentication without SSL? With "secure" I mean safe from passive eavesdropping, not from man-in-the-middle (I'm aware that only SSL with signed certificate will reach this degree of security). The registration (password setup, i.e. exchanging of pre-shared keys) must be also secured without SSL (this will be the hardest part I guess). I prefer established and well tested solution. If possible, I don't want to reinvent the wheel and make up my own cryptographic protocols. Thanks in advance.

  Read the article

• varnish invalidate url REGEX from backend

  - by ooouuiii

  Say I have some highly-visited front-page, which displays number of some items by categories. When some item is added / deleted I need to invalidate this front-page/url and some 2 others. What is the best practice how to invalidate those urls from backend in Varnish (4.x)? From what I captured, I can: implement my HTTP PURGE handler in VCL configuration file, that "bans" urls matching received regex from backend to Varnish, send 3x HTTP PURGE requests for those 3 urls. But is this approach safe for this automatic usage? Basicly I need to invalidate some views everytime some related entity is inserted/updated/deleted. Can it lead to ban list cumulation and increasing CPU consumption? Is there any other approach? Thanks.

  Read the article

< Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105  | Next Page >