Kentico 10 - Failing PCI Scan XSS - xss

We are still on Kentico 10 and failed a PCI scan. Results said XSS vulnerabilities. Not completely understanding Kentico Documentation on how to resolve this. Tested with alert(1) in Search box and it executed with a 1 in a message box popup.
Already updated Web Config file with recommendations. Documentation lists the following as ways to avoid, but I am not sure where to do this. In the CMS itself? On the server?

If you keyed a script call into your Search Box and received the popup that means you need to encode text being entered. HTMLEncode is probably the first one I'd do. Do that in the code-behind before you save it to the system or use the input for anything.
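
The encoding step described in the answer above, shown as an added example that is not part of the original post and not Kentico's own code. The class and method names are hypothetical, and `System.Net.WebUtility.HtmlEncode` stands in for whichever HTML-encoding helper the site uses; the input string is constructed.

```csharp
using System;
using System.Net;

// Added example: hypothetical helper names, not Kentico's API.
public static class SearchEcho
{
    // Vulnerable: the raw search term is concatenated into markup,
    // so any tags it contains are parsed by the browser as HTML.
    public static string RenderUnsafe(string term)
    {
        return "<p>Results for: " + term + "</p>"
             + "<input name=\"q\" value=\"" + term + "\" />";
    }

    // Hardened: the term is HTML-encoded before it is placed in element
    // content or in a double-quoted attribute value. HtmlEncode converts
    // <, >, &, " and ' into character references, so the text is shown
    // to the user instead of being interpreted as markup.
    public static string RenderEncoded(string term)
    {
        string safe = WebUtility.HtmlEncode(term ?? string.Empty);
        return "<p>Results for: " + safe + "</p>"
             + "<input name=\"q\" value=\"" + safe + "\" />";
    }

    public static void Main()
    {
        // Constructed input: the same alert(1) probe used in the question.
        string term = "<script>alert(1)</script>";

        Console.WriteLine("Unencoded output (script tag reaches the page):");
        Console.WriteLine(RenderUnsafe(term));

        Console.WriteLine("Encoded output (rendered as literal text):");
        Console.WriteLine(RenderEncoded(term));
    }
}
```

In a Web Forms code-behind the same call applies wherever the search text is assigned to a control or written to the response.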

Related

BLPAPI C++: How to retrieve all Securities/Symbols/Tickers from the Bloomberg (Windows) Terminal

I am retrieving Bloomberg History data based on user supplied Time Frame, and for a single instrument I am able to successfully retrieve History prices [Bid,Ask] by using IntradayTickRequest on the lines of IntradayTickExample Sample code in the SDK.
However, I am unable to find anything in the SDK through which I can retrieve all the Symbols/Tickers present in our Bloomberg Terminal. Please let me know which functionality to use for this purpose.
Thanks,
It's not possible to download all symbols you see on the terminal via the API, you always have to start with some criteria, e.g. a search string, an index to get all constituents for, etc. It would be helpful if you could clarify what you mean by "the list", like where do you see that list? or on which function on the terminal?

Solr/Lucene "kit" to test searching?

Is there a "code free" way to get SOLR/LUCENE (or something similar) pointed at a set of word docs to make them quickly searchable by a user?
I am prototyping, seeing if there is value in, a system to search through some homegrown news articles. Before I stand up code to handle search string input and document indexing, I wanted to see if it was even worth it before I start trying to figure it all out.
Thanks,
Judd
Using the bin/post tool of Solr and the Tika handler (named the ExtractingRequestHandler), you should be able to get something up and running for prototyping rather quickly.
See the introduction of Uploading Data with Solr Cell using Apache Tika. Tika is used to process a wide range of different document types.
You can give the Solr post tool a directory or a list of files to submit to the index.
Automatically detect content types in a folder, and recursively scan it for documents for indexing into gettingstarted.
bin/post -c gettingstarted afolder/

I need to get weather info from a website in C++

Well, I want to make a little console application that can get the weather and all its stats to show up in a little box, and I need to get this from a website, I'm thinking something like weather.com, and I need to do it in C++. I need it to simply grab some weather stats from the site and post them in a list on the console screen, in real time, or at least with a refresh button. Is this even possible or do I need to learn some java to do this?
Try feeds from news channel. Or popular Yahoo website API FOR WEATHER
Hey APIs are not in C or C++ specific(with some exception). You can directly download webpage where you can see weather report. Then press F12 & find under which HTML tag it lies. Then open that web page using socket API. THIS IS JUST SINGLE LINE CODE. for finding that tag you need string functions. Then copy & paste work. Also use threads to update time & date & obviously weather report.
I have an application which has nothing to do with the weather.. however those customers are interested in seeing the weather in a box just like the person who asked for this... in the worst case I will call a bash script curl wttr.in and translate the output to nice graphics from Oxygene icons at iconarchive.com.
Who has a better solution?

Django -- printing lots of documents?

I have a Django app that stores client data. Currently, there are just over 1,000 clients in the database. Twice a year, I need to print a semi-customized letter for each client. Ideally, I want to be able to click a button/link and the entire batch is sent to the printer; I don't want to have to click "print" for each letter since that would be absurdly time consuming.
I have thought of using Celery to chug through the process of printing all the documents, but I don't know how that would be accomplished. I would have to 'build' the document and send it to the printer without the user seeing this happen.
The other idea I had was to create a "web page" that contains all the letters on one page. Then the user can hit "Print" and the pages would come out of the printer as a collection of letters. Although, this seems sloppy.
Any ideas?
Thanks
I would advise using wkhtmltopdf for this task. You can then create the required letters from one long html with pagebreaks or separately and print them as you regularly print PDFs.
http://code.google.com/p/wkhtmltopdf/
As wk stands for WebKit it will print exceptionally good quality PDFs. It's a commandline tool that you can just download and run. Small tutorial is here for you.
http://shivul.posterous.com/django-create-dynamic-pdfs-using-wkhtmltopdf
ReportLab is also a good option. But myself I don't want to create raw pdf syntax and Pisa the html library for ReportLab is not really that good. wkhtmltopdf is much better and easier to use.
I'd suggest using something like Reportlab to create the whole thing as a single PDF document that you can send to the printer in one go.
See the docs on generating PDFs from Django.

Custom client app - need ability to control where documents are saved

Okay SO. I need some guidance. I apologize for the length of this post, but I need to provide some details:
I've got someone who is interested in having me do a small project for them. The application in general is a fairly straightforward employee record keeping / documentation app, but it makes pretty heavy use of templated Word and Lotus documents. The idea is you select the employee “event” such as commendation, promotion, discipline, etc., and it loads the appropriate template doc and you fill it in from there, and later you can select an employee, view all the “events,” and view the individual documents associated with each one.
Thus, the app must know where the .docs are saved when the user is done.
The client actually has a v1 of this app (it doesn’t do any management of the files or anything, just launches Word/Lotus with the document you wanted to view in a new instance, presumably via a system() call.) We’ve not gotten into a detailed requirements phase, but the client and I agree that for this to really work, some kind of control over where the user saves the .doc’s to is going to be critical, because otherwise the app provides them with the new copy of the template doc, they "Save as" somewhere else, and the app is pointing to the blank copy it provided them with.
Obviously, I can’t think of a way to achieve “Save as” restriction/control in any way via just launching a new instance of Word. The client has the idea of an embedded Word/Lotus instance in the app with the template doc when you choose one, but I’ve a few reservations with that:
I’ve dug around online and I’ve read that whichever version of Word I borrow MSWORD.OLB from will be the one the end user would require?
I’ve tried to do the MSDN example of embedding a Word doc from here, but as I’ve come to get used to, the MSDN example doesn’t even compile.
Even if I CAN figure out how to embed a .doc file into their application, I don’t know that I could control the use of “Save as…”
All of this STILL hasn’t touched on Lotus (!)
So… instinctively, I feel the embedded Word/Lotus thing has to be more work than it’s worth in the end.
So I’ve had a few other ideas brewing around.
One is looking into using Office XML (and if there’s a lotus equivalent), and get the user’s “inputs” separately and generate the document on the fly each time. I’m not particularly thrilled with that idea, but I think it COULD work, provided I just use old features to try and stay far backwards compatible.
Get user’s “inputs” separately and generate a document in HTML. Meh. Works, very cross platform and easily parsed and understood, but not good if you want to be able to email it to someone (who emails a .html? Works, yes, very unconventional which to the average user will throw them off) and even worse if you need to email it to someone for revisions…
Perhaps some kind of editable PDF? I know there are PDF libraries out there, and the more I stew on it, the more this sounds like the best option, though I’ve not done much work with PDFs and I don’t know how easily embeddable they are / what options one has when creating them. I know they can be save-disabled, I’ve had that with my bloody state taxes before.
I need some input here. Here’s the TLDR questions:
Is launching a new instance of Word for each .doc as bad as I feel, given user can “Save as” document wherever and then application is left pointing to a blank document?
Is trying to support embedded Word as big of a trouble as I feel like it is / more work than it’s worth / likely to cause problems with supporting multiple versions of Word? (Forward compatibility as well as currently released versions?)
What are thoughts on the PDF plan?
Any other good ideas?
Word does allow for programming some "Save" and "Save As" control via its object model. Any subroutines coded in VBA and placed into your Word template will be copied into all documents generated from that template. Additionally, most menu and Ribbon commands can be intercepted by creating a module containing subroutines named for the intercepted commands. So, for example, if a module contains a sub named FileSaveAs(), any code in that sub will be executed instead of the standard File|Save As command. Lastly, this code will replace Save As commands executed via keystroke, toolbar, menu, or Ribbon.
The code below will launch a dialog box to a predetermined path whenever a "Save" or "Save As" command is executed:
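' Runs in place of the built-in Save command
Sub FileSave()
    ControlSaveLocation
End Sub

' Runs in place of the built-in Save As command
Sub FileSaveAs()
    ControlSaveLocation
End Sub

' Opens the Save As dialog pointed at a predetermined folder
Sub ControlSaveLocation()
    Dim Directory As String
    Directory = "C:\Documents\"
    With Application.Dialogs(wdDialogFileSaveAs)
        .Name = Directory
        .Show
    End With
End Sub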
Hope this helps.