w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Redmine 2.3.2 svn HTTPs Server SSL certificate untrusted
Make sure that the certificate on VisualSVN Server matches it's hostname (it's case-sensitive)! --trust-server-cert won't automatically accept certificate with non-matching hostname since it's considered insecure.

Categories : Apache

How can I call a https endpoint by NSURLConnection sendSynchronousRequest in case of untrusted certificate?
You answered your question already yourself: By using sendSynchronousRequest I can't bypass this problem, because to bypass it, I need to set delegate for NSURLConnection, but in case of sendSynchronousRequest I cant' set delegate, delegate methods just called in case of async calls. You should really get used to the asynchronous style. The approach with a synchronous call within a dispatch_async call is suboptimal to say the least. The method sendSynchronousRequest is for beginners and toy apps. IMHO, Apple should really deprecate this method and remove it in the next iOSs. The method sendAsynchronousRequest:queue:completionHandler: is for demonstration purposes, sample apps, prove of concept, and very simple requests not using authentication and https. Finally, using the asynchr

Categories : IOS

Exception while try to connect to SSL (HTTPS) with untrusted certificate using Google App Engine(java)
You could use doNotValidateCertificate() FetchOptions to disable certificate checking when using urlFetchService.

Categories : Java

How to set "General->TargetName", "Debugging->Command" and "Linker->General->Output File"
Solved: Use dll for creating project with testlib.h and testlib.cp use windows project when you create the new project for main.cpp Executing this creates .exe file. Add .dll file in same folder as .exe file and it will work as per your need!

Categories : C

GUI application works fine, when jar started over console but bug if jar started by doubleclicking
I have found the solution: The reason for the error was, that the JVM allocated more memory, when I started it over the console, than with a doubleclick, even though I didn't pass any parameters over the console. I had an OutOfMemoryException. I fixed it by increasing the heapsize.

Categories : Java

Sanitizing untrusted HTML5
You might be able to do something along the lines of: preg_replace('/<s*iframes+[^>]*>.*<s*/s*iframes+[^>]*>/i', '', $html); preg_replace('/<s*scripts+[^>]*>.*<s*/s*scripts+[^>]*>/i', '', $html); preg_replace('/s+onloads+=s+"[^"]+"/i', '', $html); ... but then again: you have RegExes, now you have two problems - this might remove more than wanted and leave more than wanted as well. But since HTML Purifier is probably the most modern and well suited (and open source) project you should still use that one and maybe make adjustments if you really need them. You can check out one of the following as well: kses - de facto standard, found a way into wordpress as well htmLawed - an further developed kses PHP Input Filter - can filter tags and attributes

Categories : HTML

Can Lupa be used to run untrusted lua code in python?
From looking at the Lupa doc: Restricting Lua access to Python objects Lupa provides a simple mechanism to control access to Python objects. Each attribute access can be passed through a filter function as follows... It doesn't say anything about preventing or limiting access to facilities provided by Lua itself. If no other modifications are done to the LuaRuntime environment then a lua script can indeed do something like os.execute("rm -rf *"). To control what kind of environment the lua script works in you can use the setfenv and getfenv to sandbox the script before running it. For example: import lupa L = lupa.LuaRuntime() sandbox = L.eval("{}") setfenv = L.eval("setfenv") sandbox.print = L.globals().print sandbox.math = L.globals().math sandbox.string = L.globals()

Categories : Python

download untrusted certifcate in Chrome (Mac)
It turns out that the way to go is using the lock-icon next to the url. You can drag the certificate icon to, for example, you desktop. It is explain here.

Categories : Osx

Executing untrusted SQL with SELECT only user
The problem with this, is i'm not sure if the sql itself will still continue to run in the background after a session timeout (can't really find much evidence either way via google and haven't had any real experience where I've attempted it myself either). If you're limiting to just select access, i think this is about the worst that could happen though. The real issue would be what happens if you got a hundred users trying to do complex cross joins? Session timeout dropping the query or not, it'll put a real heavy load on the database (could very easily be enough to pull the database down entirely)

Categories : SQL

C#, Metro, Stream Socket, SSL Untrusted Host, Squid
I did it by modifying the Control of the StreamSocket that way : _streamSocket.Control.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted); _streamSocket.Control.IgnorableServerCertificateErrors.Add(ChainValidationResult.InvalidName); ChainValidationResult contains multiple options, choose the one best suited for you.

Categories : C#

Chrome doesn't load untrusted SSL content in iframe
This problem cause while ssl integration not completed properly. Some details available here : https://support.mozilla.org/en-US/kb/connection-untrusted-error-message If you are using amazon and godaddy server combination let me know I can provide the working guide to fix this issue.

Categories : Google Chrome

Python Selenium Webdriver to open untrusted connections
This appears when the browser does not accept/trust the certificate of the website. To accept the certificate for Firefox, you can run this: ProfilesIni profile = new ProfilesIni(); FirefoxProfile myprofile = profile.getProfile("default"); myprofile.setAcceptUntrustedCertificates(true); myprofile.setAssumeUntrustedCertificateIssuer(true); WebDriver driver = new FirefoxDriver(myprofile);

Categories : Python

SVN - Server SSL certificate untrusted from post-commit hook
I have fixed this by issuing new certificate with Common Name (CN) equal to server name. I was able to use certificate with CN server name mismatch from browsers (with warnings) and svn command line. But was not able to use certificate within batch file which is called from Jenkins. I use SVN client 1.8.1 under Win32. I have also tried before, but it does not helped: --trust-server-cert svn client command line parameter. It does not resolve the issue alone, but it might be required. (More info at http://svnbook.red-bean.com/en/1.7/svn.ref.svn.html) Install CA cert to my Windows host (More info at Trust SSL certificate to local system account) Provide CA cert for SVN client in file C:Users{username}AppDataRoamingSubversionservers, key ssl-authority-files (More info at SVN 1.7 Quickstar

Categories : Svn

What security privileges does Jython need, to successfully run untrusted Python code?
Have a look at the java sandbox project (http://blog.datenwerke.net/p/the-java-sandbox.html). It allows you to flexibly set up the security manager and be more specific in terms of which classes are allowed to do what. Nevertheless, really securing arbitrary user code is difficult, especially if the language implementation in question (in your case jython) does not try to use minimal privieleges (for example, expects to use reflection, classloaders and the likes).

Categories : Security

Facebook like button https issue: protocol mismatch from http and https
Reviewing the js code on Facebook there are multiple urls containing hard coded strings for http://static .../rsrc.php it's possible those are the files triggering the error. This may be something Facebook needs to update. On a side note, it may be possible to download that js file from Facebook and store it on your server and remove the hard coded http string. I would test this further but I am on my phone at the moment.

Categories : Facebook

when using https, https can't find codeigniter controllers. Running Centos
Change this line : RewriteRule ^(.*)$ index.php?/$1 [L] to : RewriteRule ^(.*)$ /index.php?/$1 [L] The .htaccess would otherwise be redirected relatively to a index.php in the join folder, which off course is not there.

Categories : PHP

Once https page is visited, all subsequent pages are served from https
ok I think I found the reason. The links I am visiting are relative, so "/forum" for example. Once https is in the browser it seems like visiting a relative address is leaving the root as https:// and appending the relative path. I believe the fix here will be to use the full path for the link instead of relative.

Categories : Htaccess

How do you enable https and http->https redirects in ring / compojure
It's possible to serve HTTPS with clojure, but it's much more popular to put nginx or something like that in front of your ring server. If you can figure out how to configure jetty, though, run-jetty clearly supports SSL.

Categories : Http

Is there a way to let the user chose whether or not trust the site when we try to use NSURLConnection to connect with SSL for an untrusted cert?
As an example you can save the challenge object to a property and then implement the alertView:clickedButtonAtIndex: delegate method like this (this is for the "trust just once"): - (void)alertView:(UIAlertView *)alertView clickedButtonAtIndex:(NSInteger)buttonIndex { if(buttonIndex == alertView.cancelButtonIndex) { [[self.challenge sender] cancelAuthenticationChallenge:self.challenge]; } else { [self.challenge.sender useCredential:[NSURLCredential credentialForTrust:self.challenge.protectionSpace.serverTrust] forAuthenticationChallenge:self.challenge]; self.challenge = nil; } } If you want to trust always you will need to do some more complex things to save and compare the server certificate data. Or make it simple and unsafe by saving th

Categories : IOS

How can i convert links to https when server providing https?
If you remove the http:// portion and use instead: <script type="text/javascript" src="//static.monstermmorpg.com/js_files/jquery-1.9.1.min.js"></script> It should request based on the current scheme being used.

Categories : C#

Can https fallback to http and security level of https
No, HTTPS never falls back to HTTP automatically. It would take deliberate action by the user. If you're just going to a web page by putting its URL into the address bar, this is easy; for form submission it's harder. Yes, sending plain text over SSL is fine. In fact, sending a hashed password doesn't really increase security much at all -- if someone manages to sniff the connection and gets the hashed password, that's all they need to be able to login to the site. It has one small advantage: if the user uses the same password at multiple sites, learning the hashed password for one site doesn't help them get into another site that uses a different (or no) hash. And it's not likely to be feasible to send salted hashes, since the client doesn't know the salt. A cnonce adds an extra level

Categories : Asp Net

Redirect all http AND https non-www URLS to https://www.xyz.com via htaccess
In case anyone from the future (HELLO PEOPLE OF THE FUTURE) stumble across this, I asked the same question and had it answered over at Server Fault. Short version: impossible. Long version: http://serverfault.com/questions/523199/redirect-all-http-and-https-non-www-urls-to-https-www-example-com-via-htaccess

Categories : Htaccess

HTTPS GET request to https://www.googleapis.com/plus/v1/people/me
Create a Google_Oauth2Service object (put it under the $plus initialization), like: $client = new Google_Client(); $plus = new Google_PlusService($client); $oauth2 = new Google_Oauth2Service($client); and after succesfully authenticating the client use: $userInfo = $oauth2->userinfo->get(); $email = $userInfo['email'];

Categories : PHP

IHttpHandler to redirect "https://example.com" to "https://www.example.com"?
If you use IIS7, you might want to try URL Rewrite Module. http://www.4guysfromrolla.com/articles/072810-1.aspx http://www.jppinto.com/2010/03/automatically-redirect-http-requests-to-https-on-iis7-using-url-rewrite-2-0/

Categories : Asp Net

Trouble Connecting to sql server Login failed. "The login is from an untrusted domain and cannot be used with Windows authentication"
Why not use a SQL Server account and pass both the user name and password? Here is the reason why. In short, it looks like you have an authentication issue. The problem with workgroups is there is no common Access Control List like Active Directory (AD). If you are using ODBC or JDBC, the wrong credentials are passed. Even if you create a local windows account (LWA) on the machine (SE) that has SQL Express installed (SELWA), the credentials that will be passed from your client machine (CM) will be CMLWA.

Categories : Sql Server

validating untrusted HTML input do I have to process each input?
Yes this is a good idea. I would go as far as to say if you don't your are an idiot. When storing the data in a database use prepared statements and bound parameters. If you use that (like you should) you don't have to manually escape the data going into the database. Now for displaying the data it depends what you want to allow and where you are going to output it. If it will be displayed on a HTML page and you don't want to allow any HTML to be rendered use htmlspecialchars($content, ENT_QUOTES). You almost never have to use htmlentities because that will convert ALL characters for which there is an HTML entity. Meaning it will make your document unnecessary bigger. If you want to allow some HTML you would have to filter it before displaying it (using HTML purifier). Please note that d

Categories : PHP

How do I get the process ID of a process that is started by cmd line (which is started by me)?
This link is very useful // Get the current process. Process currentProcess = Process.GetCurrentProcess(); // Get all instances of Notepad running on the local // computer. Process [] localByName = Process.GetProcessesByName("notepad"); // Get all instances of Notepad running on the specifiec // computer. // 1. Using the computer alias (do not precede with "\"). Process [] remoteByName = Process.GetProcessesByName("notepad", "myComputer"); // 2. Using an IP address to specify the machineName parameter. Process [] ipByName = Process.GetProcessesByName("notepad", "169.0.0.0"); // Get al

Categories : C#

How to redirect from url: https://myfavourite.test.com/Account/LogOn?ReturnUrl=/ to url: https://myfavourite.test.com/ using IIS7.5
I followed the steps mentioned in the below mentioned article and it helped me. http://www.trainsignal.com/blog/iis7-url-rewrite-extension-on-windows-server-2008 I used the Redirect option and then added a Blank rule with the following regular expression: account$|account/(?!LogOff) and that helped me to resolve the redirection issue.

Categories : Asp Net Mvc

apache redrict 301 from https://www.domain.com to https://domain.com
If you request https://www.meinedomain.de/ and your cert isn't authorized for www.meinedomain.de, then you'll get a security warning regardless of how you redirect. The redirect can only happen after they accept the security exception. Make sure you've put those rules in the SSL vhost's config, not the non-SSL one. Apache usually has them separate. If that still doesn't work, you can try just putting this in an htaccess file in your document root: RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^www.meinedomain.de$ [NC] RewriteRule (.*) https://meinedomain.de%{REQUEST_URI} [R=301,L]

Categories : Apache

SQL In General / QODBC
try Select CustomerRefFullName from invoice UNOPTIMIZED where refNumber in ('5383', '5408') or Select CustomerRefFullName from invoice NOSYNC where refNumber in ('5383', '5408')

Categories : SQL

General C program
It checks that two linked lists contain the same values. Obviously, if one list is shorter, they are not identical (point B). Note: I think using here break/return would be a better choice, it makes the code more readable. Note2: as noted on the comments, those should be logical operators. It works as it is, but it's a bit confusing. Note3: You could move the test before the loop inside the loop (while(1)), this would eliminate the need for the test at the end of the loop. This is just an ugly code, it should be about 5 lines of code, not a dozen... bool sameValues (chainCell *x, chainCell *y) { while(1) { if (!x && !y) return true; if (!x || !y) return false; if (x->data != y->data) return false; x = x->next; y = y->next; }

Categories : C

General terminology put into context
This is largely an opinionated question. But I will attempt to provide the some terms commonly used by the Node community, and roughly the factual differences between them. Module as it pertains to Node is very similar to what you would associate with a Java Library. It provides a wrapper around things that Node users find they do a lot. Frequently providing wrappers around node library functions for doing things everyone wants to do. A simple example would be a recursive file system reader, like wrench. Modules also extend to files you use to modularize your code. For example, modules aren't only installed via NPM, but separate javascript files you write as part of your code base to separate code functionality, under standard OOP practices. require('someNPMINStalledModule') re

Categories : Node Js

Where to put general language adjustment?
http://msdn.microsoft.com/en-us/library/system.globalization.cultureinfo.aspx When a new application thread is started, its current culture and current UI culture are defined by the current system culture, and not by the current thread culture. Isn't this your case?

Categories : Asp Net

General Structure for ASP.NET Enterprise(ish) App
If you want to rid yourself of all the authentication / authorization hassles, absolutely go for claims-based applications, WIF, ADFS etc. That's the Microsoft direction - CMS, SP. Office 365. Windows Azure AD etc. are all now claims-based. Only problem is that ADFS authenticates against AD. Have a look at Identity Server for something DB related. Plus ADFS via ACS provides Facebook, Google etc. logons.

Categories : Asp Net

What's the idiomatic way to do general logging in PHP?
I've been a long time user of Log4PHP, and I can highly recommend it. :) But the question about doing proper logging is rather difficult. I use Log4PHP in an enterprise environment where there are multiple applications that all use the same logging, and they also assume that the logger is correctly configured and ready to use. So it's basically a very easy "I assume the same logging is available everywhere" situation. Developing modules for others to use is a completely different task. You could possibly use your own internal logging, but where do you write those log messages to? It can be considered bad behavior if your module unexpectedly fills the hard drive. It would also be a requirement for your module to log to that target that the rest of the application is logging to. If your m

Categories : PHP

General behaviour of concatenation
You answered your own question. "to run directly and avoid opening a subshell". The >& is a shell syntax which is not interpreted if you're not using a shell to execute that command. The second case works since that's the behaviour when passing a single argument to system() (opening a shell). By the way, take a look on what the page that you linked to says: system() accepts as argument either a scalar or an array. If the argument is a scalar, system() uses a shell to execute the command (/bin/sh -c command); if the argument is an array it executes the command directly,

Categories : Perl

general sql exception logging
Use: AppDomain currentDomain = AppDomain.CurrentDomain; currentDomain.UnhandledException += new UnhandledExceptionEventHandler(MyExceptionHandler); http://msdn.microsoft.com/es-es/library/system.appdomain.unhandledexception.aspx

Categories : C#

class inheriting from general

You css should look like this .parent > h2 { font-weight:bold; color:red; } .child h2 { font-weight:normal; color:green; } check it here http://jsfiddle.net/yNFUd/

Categories : CSS

Otsu Threshold in general
Sure, why not? The algorithm doesn't know what the values mean, it just separates the values into two classes. You just have to make sure that the code you're using iterates over the full range of your int values.

Categories : Misc

Can typedef used for vector in general?
C++11 aliases allows this: #include <vector> template<class T> using Vec = std::vector<T>; Vec<int> v; // same as std::vector<int> v; also see this And in a similar fashion, you can rewrite the typedefs in C++11, as: using container1 = std::vector<int>; using container2 = std::vector<char>; These are exactly same as the typedefs in your question.

Categories : C++



© Copyright 2017 w3hello.com Publishing Limited. All rights reserved.