Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 years ago.
Improve this question
Can anyone tell how to allow the cross site scripting in the jhipster so that the warning can be resolved?
A Parser-blocking cross site (i.e. different jsapi:22 eTLD+1) script,
https://www.google.com/uds/?file=elements&v=1&packages=transliteration,
is invoked via document.write. The network request for this script MAY
be blocked by the browser in this or a future page load due to poor
network connectivity. If blocked in this page load, it will be
confirmed in a subsequent console message. See
https://www.chromestatus.com/feature/5718547946799104 for more
details
as well as multiple occurences of the same message referencing different Google scripts.
The warning you're receiving is due to you including the Google Transliterate API in a manner which may result in poor user experience on devices with slow network connections.
Somewhere in the scripts for your site, you'll have a line which looks something like this:
document.write('<script src="https://www.google.com/uds/?file=elements&v=1&packages=transliteration"></script>');
There may be multiple scripts in one document.write or they may be split across several calls. This may not be the only thing in the call to document.write.
To remove this warning, you'll need to move all of your <script> tags outside of calls to document.write.
See this post for more details.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I would like to create a simple HTTP server in Android for serving some content to a client.
Any advice on how to build the server or use any existing library?
Consider this one:
https://github.com/NanoHttpd/nanohttpd.
Very small, written in Java. I used it without any problem.
NanoHttpd works like a charm on Android -- we have code in production, in users hands, that's built on it.
The license absolutely allows commercial use of NanoHttpd, without any "viral" implications.
This can be done using ServerSocket, same as on JavaSE. This class is available on Android. android.permission.INTERNET is required.
The only more tricky part, you need a separate thread wait on the ServerSocket, servicing sub-sockets that come from its accept method. You also need to stop and resume this thread as needed. The simplest approach seems to kill the waiting thread by closing the ServerSocket.
If you only need a server while your activity is on the top, starting and stopping ServerSocket thread can be rather elegantly tied to the activity life cycle methods. Also, if the server has multiple users, it may be good to service requests in the forked threads. If there is only one user, this may not be necessary.
If you need to tell the user on which IP is the server listening,use NetworkInterface.getNetworkInterfaces(), this question may tell extra tricks.
Finally, here there is possibly the complete minimal Android server that is very short, simple and may be easier to understand than finished end user applications, recommended in other answers.
Another server you can try http://tjws.sf.net, actually it already provides Android enabled version.
If you are using kotlin,consider these library.
It's build for kotlin language.
AndroidHttpServer is a simple demo using ServerSocket to handle http request
https://github.com/weeChanc/AndroidHttpServer
https://github.com/ktorio/ktor
AndroidHttpServer is very small , but the feature is less as well.
Ktor is a very nice library,and the usage is simple too
You can try Restlet edition for android:
The source can be downloaded from Restlet website:
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I am getting a HTTP 429 Too Many Requests response when I attempt to access any Reddit page using a .json extension using Java.
I am using Java code found here without any modification (except to change the target URL). I am attempting to access URLs such as the following:
http://www.reddit.com/r/news.json
http://www.reddit.com/r/news/comments/3aqhk7/a_17yearold_invented_an_ingenious_way_to.json
I can access these pages just fine using a browser, but cannot access them programmatically despite the fact I am making a single request each time and waiting in between. Reddit returns this message when more than 30 requests are made in a minute, but I am making far less than that and no-one else on my network uses Reddit.
Is anyone familiar with this and why I might be getting these errors? Would there be a better way to approach this using Java?
Make sure to use a custom user-agent string - see the 4th bullet point on the API rules:
Change your client's User-Agent string to something unique and descriptive, including the target platform, a unique application identifier, a version string, and your username as contact information, in the following format:
<platform>:<app ID>:<version string> (by /u/<reddit username>)
Example:
User-Agent: android:com.example.myredditapp:v1.2.3 (by /u/kemitche)
Many default User-Agents (like "Python/urllib" or "Java") are drastically limited (emphasis mine) to encourage unique and descriptive user-agent strings.
Including the version number and updating it as your build your application allows us to safely block old buggy/broken versions of your app.
NEVER lie about your user-agent. This includes spoofing popular browsers and spoofing other bots. We will ban liars with extreme prejudice.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I have a web application with Tomcat 7.0.42. I have recently found on my server files I havent uploaded. these hacker files allow anybody to create files on my server.
I'd really like to figure out how they have got access to my server. In my web application I have a form to interact with users, but all fields are restricted with regular expression and I use prepared statements to deal with the database.
Moreover I uploaded a version of my web application which ONLY displayed information, I removed all forms and I didnt let any type of interaction with users. I also changed passwords. But files still appearing
I would like to discuss possibles vulnerabilities and solutions to them:
Remove write permissions on tomcat webapps folder once I have uploaded my war?
May my code be corrupted?
Any help would be so much appreciated, thanks in advance!
As Mark pointed out, the easiest way to get into a Tomcat server it's by accessing the Tomcat Manager with a week or default password.
Make sure it's not publicly available, you have a strong password and check your JSP code for web vulnerabilities.
Once you have been hacked, you could already be backdoored, either at code level or by some rootkit in your server. Check your web logs, what commands had been executed recently, and IMHO a "rm -rf /" to make sure everything is wiped out.
Ignacio.
Try reading the Tomcat security docs http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html
First check to see if the Manager application is present and if you have configured a user with a weak password for that app.
Looking at the access log is usually my next port of call.
As #Grimby rightly pointed out, Tomcat might not be the way they are getting in.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
The Dutch government publicizes the subsidies it gives on a website:
http://www.hetlnvloket.nl/databank-eu-subsidiegegevens-2012#
However, it is not straighforward to get the data from the website. If you go to the site, choose 'Gemeenschappelijk Landbouw Beleid' (Common Agricultural Polici, the EU subsidy schedule) and press 'zoek' (zoek means 'search') at the bottom of the page you get a table from 100 entries. But I can't get it into R. It seems the page is generated with a JavaScript after you press 'zoek'.
My questions are:
How do I scrape this from the website?
How do I get the other 900 pages (there are a total of 90K records)
I asked the government to give me this data in XLS but they won't, for 'privacy reasons'. But this way nobody can check. I don't like that. ;-)
If you don't see the url change, the request is usually done via ajax, or via a post-request to the same page. In this case it is done via an ajax POST-request to a certain page with some parameters. To find out what page is loaded with what parameters, open your developer console. You can do so by right-clicking in most browsers and clicking 'inspect element', or by hitting F12. Go to the network tab and click the search button. You'll see a request in the network tab pop up. Inspect this request. You'll notice that this is a request to /pls/feed/glb2012. You can find the request parameters around there too.
As for the question "how" to scrape this. Use a programming language and your favorite scraping library. To suggest a library is out of the scope for StackOverflow.
Use a tool better suited for scraping than R. For example, Scrapy or BeautifulSoup in python, Mojolicious or Web::Scraper in perl, ... You want to scrape with a scraping tool, output data in csv (or something similarly standard), and then get it into R.
You need to figure out what the browser-server communication is exactly. The data is probably not at the url you see when you go to that page. A quick capture in Wireshark and look at the HTTP requests will show that.
It looks like, based on your level of experience (and likely, not wanting to learn new tools just for this) you probably want to have someone do it for you. Post it on elance, make sure whoever does it has done a bunch of scraping projects, it should take only a couple of hours max.
If you do want to do it, then follow scraping tutorials and cookbook examples, but remember to check the actual communication in Wireshark as you do that.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
I've been going through a very frustrating time trying to distribute my program and I could really use some help.
So it all started a long time ago when I decided to try and teach myself C++. I thought I'd learn by doing by trying to create a text adventure with basic code. I managed to create an executable file that worked and cheerfully submitted it to a website that sometimes hosted content similar to what I created.
My submission was rejected out of hand, as no one wanted to advertise or even open the contents of a link to a file download from an unknown source. I found some information online saying that by using the Java Programming Language, I could run an application from a webpage using something called an "applet" that other people could access.
So I learned a second programming language and some basic html and tried to put my application on a website... Except it turns out that applets are a dying technology that no one trusts and that while it is possible to run a program as an applet (or a java web start application) from a webpage, modern browsers will scream bloody murder at anyone who tries to do so because applets are considered horribly insecure.
This project has now been ongoing in some form or another for over a year at this point, and I am at my wits end. I really, really don't want to have to write my program over again in yet another language just so that I can show it to people without them flipping out and acting like I'm trying to infect them with a virus. Is there any way at all to have people use my Java program for free on the internet in a way that won't give people terrible security messages?
It's not a question of programming language. As long as your goal is to distribute your code (meaning that users have to download your code and run it on their computers) you will face the resistance. I, for one, would not run anything downloaded from internet until I research it and find reputable evidence of it being legit and harmless.
You may want to have it as a web application that runs on your server and gives users options to download results in some acceptable format. PDF is usually considered safe, though it's possible to embed maleware there.
Java EE gives many options for creation of such app, starting with JSP (Java Server Pages) and including more up-to-date ones (JSF and such).