Displaying 20 results from an estimated 700 matches similar to: "XSS (was Re: Centos 5.3 -> Apache - Under Attack ? Oh hell....)"
2015 Sep 24
0
php DOMDocument and entities
This is not CentOS specific but I hope someone here knows so I do not
have to subscribe to another list.
I'm using php DOMDocument to create an XSL that needs a non-breaking
space between two values.
Basically:
$xslvalueof = $dom->createElement('xsl:value-of');
$xslvalueof->setAttribute('select', '../@month');
$caption->appendChild($xslvalueof);
2011 Jan 04
0
Package animation update (v2.0-0)
Hi,
The animation package 2.0-0 is on CRAN now. This version is a
milestone of the animation package. It includes a new function
saveHTML() which uses a much more elegant interface and is consistent
in syntax with other save*() functions such as saveMovie(), saveSWF()
and saveLatex(). Lots of demos have been added to demonstrate the
flexibility of this package, e.g. now we can get the snapshots
2011 Jan 10
0
Package animation update 2.0-1
Hi,
The package animation 2.0-1 is on CRAN now
(http://cran.r-project.org/package=animation).
CHANGES IN animation VERSION 2.0-1
NEW FEATURES
  o demo('Xmas_card') contributed by Yuan Huang
  o demo('flowers') to show how to download images from the Internet
    and create an animation
  o a new function pdftk() as a wrapper to call the Pdftk toolkit
2006 Jan 09
3
XSS prevention with Rails
Hi!
I wanna take a stab at implementing better XSS prevention for Rails.
This time for real =)
I'm wondering what would be the better way, clean everything up with
tidy first and then do the rest with regexp or regexp all the way?
Anybody done this before?
Thanks!
Ciao!
Florian
2006 Jan 26
0
Article about protecting Rails apps from XSS attacks
Cross-Site scripting (XSS) attacks have been appearing lately, so I
wrote up an article about one way to protect yourself. It's pretty
easy to use and, for those who care, I go into some of the metaprogramming
techniques I used to create it. Check it out at
http://blog.explorationage.com/articles/2006/01/25/how-to-protect-your-rails-apps-against-cross-site-scripting-attacks
Justin
p.s. My
2012 Aug 10
0
Missing earlier versions work around for "XSS Vulnerability in strip_tags"
The rubyonrails-security announcement for CVE-2012-3465 "XSS
Vulnerability in strip_tags" mentions that a work around for earlier
versions should be attached, but there's none, only patches for 3.0
series and up.
Is the work around available? If so, where can I get hold of it?
Thanks in advance,
Peter
--
Posted via http://www.ruby-forum.com/.
--
You received this message
2010 Feb 02
0
[Security] Loofah has an HTML injection / XSS vulnerability, please upgrade to 0.4.6
Synopsis
----------
Loofah::HTML::Document#text emits unencoded HTML entities prior to
0.4.6. This was originally by design, since the output of #text is
intended to be used in a non-HTML context (such as generation of
human-readable text documents).
However, Loofah::XssFoliate's default behavior and
Loofah::Helpers#strip_tags
both use #text to strip tags out of the output, meaning that
2009 Sep 04
0
Question on the XSS Security Patch
After reading this security bulletin:
http://groups.google.com/group/rubyonrails-security/msg/7f57cd7794e1d1b4?pli=1
I am a bit confused as to which patch I should apply. My application is
currently running on a frozen copy of Rails 2.2.2. Reading the bulletin
it appears that I should instead the 2-2-CVE-2009-3009.patch for the
"2.2 series" of Rails. However, the patch introduces a
2006 May 05
4
Is sanitize() strong enough to protect me from XSS?
Haven't been able to find a good enough answer on whether using
sanitize() is enough to really protect me from XSS attacks
I basically have a blog page that I want to allow people to display
comments on but would like to allow html tags to be posted on the
comments, these could be html tags like the imageshack img tags, youtube
player, photobucket img tags etc
any other approaches or
2011 Feb 01
1
Setting maximum value of the legend on an image.plot and animation
Hello,
I'm doing the following:
library(ncdf)
library(fields)
library(animation)
saline <- open.ncdf("salinity_1990.nc")
salt = get.var.ncdf(nc=saline, varid="Salinity")
# create an animation of the complete temporal domain in the ncdf file.
saveHTML({
for (i in 1:364) {
image.plot(salt[, , i])
}
}, img.name = "salinity.img",
2016 Apr 30
4
E-mail advice sought
I'm working on setting up an e-mail service.
I've got the e-mail servers working beautifully and am presently working
on re-writing the parts of Roundcube I don't like (e.g. it uses inline
JavaScript in a few places so CSP breaks it) but -
Is there any advice on characters to allow in usernames?
I know there are some wacky characters that are legal in e-mail
addresses but are
2007 Apr 05
0
configure.ac libswfdec/Makefile.am libswfdec/swfdec_codec.c libswfdec/swfdec_codec_gst.c
configure.ac | 20 +++
libswfdec/Makefile.am | 10 +
libswfdec/swfdec_codec.c | 9 +
libswfdec/swfdec_codec_gst.c | 260 +++++++++++++++++++++++++++++++++++++++++++
4 files changed, 294 insertions(+), 5 deletions(-)
New commits:
diff-tree 9367afafdc43e320b2689237f9f302e52d8fac0e (from 1906bf5a380edbbb4b808543cf3da0e9e836dbf4)
Author: Benjamin Otte
2008 Jan 19
1
Set Return Type XML in Prototype
Please help, I can't return XML data using Prototype.
If I use data from a direct XML file then it works fine, but when I use
an Ajax request with header content XML it's not working.
My code just works on IE but in FF it is not working. My code samples
are given below.
If anyone has already done this kind of job, please help me as soon as
possible.
var xmlDoc;
function Claulate()
{
var
2009 Jun 11
3
deSolve question
Dear All,
I like to simulate a physiologically based pharmacokinetics model using R
but am having a problem with the daspk routine.
The same problem has been implemented in Berkeley madonna and Winbugs so
that I know that it is working. However, with daspk it is not, and the
numbers are everywhere!
Please see the following and let me know if I am missing something...
Thanks a lot in advance,
2009 May 10
2
plot(survfit(fitCox)) graph shows one line - should show two
R 2.8.1
Windows XP
I am trying to plot the results of a coxph using plot(survfit()). The plot should, I believe, show two lines one for survival in each of two treatment (Drug) groups, however my plot shows only one line. What am I doing wrong?
My code is reproduced below, my figure is attached to this EMail message.
John
> #Create simple survival object
>
2007 Mar 28
1
Re: Wine - Airmail -WHAT'S ACTCTX?
On Wed, 2007-03-28 at 11:46 -0400, Ed wrote:
> I am not experienced in programing or wine, maybe the drinking
> version. Anyway I have attached the program. Unless you are a ham
> operator you might have a problem setting the program up. Let me know
> if you need any more information. The file is amhc33081.exe
I tried this as
WINEDEBUG=+richedit wine amhc33081.exe >
2009 May 12
2
import HTML tables
Hello,
I was wondering if there is a function in R that imports tables directly
from a HTML document. I know there are functions (say, getURL() from {RCurl}
) that download the entire page source, but here I refer to something like
google document's function importHTML() (if you don't know this function, go
check it, it's very useful). Anyway, if someone of something that does this
2007 Apr 06
0
3 commits - libswfdec-gtk/swfdec_gtk_loader.c libswfdec/Makefile.am libswfdec/swfdec_codec.c libswfdec/swfdec_codec_ffmpeg.c libswfdec/swfdec_codec_gst.c libswfdec/swfdec_codec.h libswfdec/swfdec_codec_screen.c libswfdec/swfdec_codec_video.c
libswfdec-gtk/swfdec_gtk_loader.c | 10 --
libswfdec/Makefile.am | 2
libswfdec/swfdec_codec.c | 39 --------
libswfdec/swfdec_codec.h | 26 -----
libswfdec/swfdec_codec_ffmpeg.c | 98 ++++++++-------------
libswfdec/swfdec_codec_gst.c | 174 +++++++++++++++++++-------------------
libswfdec/swfdec_codec_screen.c | 60 +++++--------