What is the intended purpose of CSV files in POSTman? - postman

I've seen no clear documentation on using CSV. What is the intended purpose - to read in variables?
For example, I'd like to run this many times with different vars. Do CSV files let me do this? The problem is that I can't see what my actual requests are in the collection window - I can only see the request with the var name, right?
localhost/api/{{var}}

Yes, you can do this with the CSV. If your csv was
var,name
1,name
2,name2
In collection runner if you iterate twice with localhost/api/{{var}}, the urls would be the following
localhost/api/1
localhost/api/2
Let me know if I haven't explained this well and I can add a little more detail a bit later.

Read-in df from csv before launching main app | Dash

I am trying to get my first dashboard with python dash running.
The whole thing is very similar to this https://github.com/dkrizman/dash-manufacture-spc-dashboard.
At the beginning a Dataframe is read in from a csv. My problem seems to be quite easy to solve but somehow I am not succeeding:
I want to create an initial window that allows the user to select (from e.g. a dropdown) the csv file (or accordingly the path) that is read in. All the .csv files look the same but just have different values.
When using the modal components I get problems with the install of bootstrap and I thought there must be an easier way?
Thanks for your help!
Best,
Nik

TYPO3 templating and HTML tag

I made a site package on TYPO3, following the official documentation, everything OK,
but only one small problem:
when I view the pages in the browser, I see the HTML tags.
I have no answer.
I tried an already done package,
same problem...
What to do?
This always happens when you prepare HTML into a fluid-variable and output that variable directly.
In your case you do not assign to a variable, but you output the result from the viewhelper, which contains HTML-markup, directly.
To avoid that the HTML-markup is shown (escaped) you need to use an additional viewhelper: f:format.raw
either:
<f:format.raw><f:cObject typoscriptObjectPath="..." data="..."/></f:format.raw>
or:
{f:cObject(typoscriptObjectPath:'...', data:'...')->f:format.raw()}

Script to generate html Beyond Compare folder differences

I've found several ways to automate folder comparison using scripts in Beyond Compare, but none that produce the pretty html report created from Session>Folder Compare Report>View in browser.
Here is an example of what that looks like.
I would love to be able to find the script that gives me that html difference report.
Thanks!
This is what I am currently getting
load "C:\Users\UIDQ5763\Desktop\Enviornment.cpp" &
"C:\Users\UIDQ5763\Desktop\GreetingsConsoleApp"
folder-report layout:side-by-side options:display-all &
output-to:C:\Users\UIDQ5763\Report.html output-options:html-color
The documentation for Beyond Compare's scripting language is here. You were probably missing either layout:side-by-side, which gives the general display, or output-options:html-color, which is required to get the correct HTML stylized output. You may want to change options:display-all to options:display-mismatches if you only want to see the differences, and you might want to add an expand all command immediately before the folder-report line if you want to see the subfolders recursively.
The & characters shown in the sample are line continuation characters. Remove them if you don't need to wrap your lines.

Not visualizing ASCII STL file correctly

My problem seems similar to Not able to visualize a loaded data , but I have no console errors and I have already added the '-allow-file-access-from-files' flag to my Chrome Browser. Here's my Java coding,
window.onload = function() {
  var r = new X.renderer3D();
  r.init();
  // declare the mesh locally instead of leaking an implicit global
  var pros = new X.mesh();
  pros.file = 'file:///C:/Users/Nathan/Downloads/JB Farmer STL ACII.stl';
  pros.caption = 'Prosthetic';
  r.add(pros);
  r.render();
};
Should I "play around" with the camera position? I know I have to do that in Three.js.
Maybe the model needs normals? I'm not sure if it does or not. I haven't worked with 3D modeling, besides Three.js.
Update: Ummmm, I'm not sure what is going on with this, but I realized that XTK generated 2 canvases. I looked at the first two Lessons and they have one.
^ Now eliminated the extra canvas, must have copied a piece and that was in there.
For the moment, the loader of xtk doesn't seem to be made for local files. I mean: it uses an XMLHttpRequest (XHR) to get the file with a GET request. First of all, the request must be sent to something that can handle it (a server, or localhost emulated by Wamp or equivalent). Then let's imagine that one browser, no matter which one, allows XHR on a file on the client side by its URL, and imagine I'm a pirate and you come to my website. I know Windows well, I know that in C:/Windows/System32 there is always a file where I can find your personal data. What do I do? An XHR! You've been hacked. It's a story, but you see the idea.
That's why the only ways allowed by browsers to access local files are the HTML5 File API & HTML5 Drag&Drop API (unfortunately...). Actually, a way to get around that limitation is having binary code on the client side (Flash, Java applet). The client is the only one who can ask to open a file or drop a file, so the browser is sure there won't be any security failure because of him.
So you should test it with something like Wamp and access your file with a URL like "http://localhost/.../myfile.stl" or the relative URL "/.../myfile.stl", or do the following if you really want local files.
A few weeks ago I wrote my own parser for a private format for xtk, reading from a local file, and it worked well: I just used HTML5 APIs to read the file and get a String or BinaryArray from it, and then wrote a parser that transformed it into an X.mesh. So I think the best would be to extend the X.loader for HTML5 file APIs or, like me, to manually load the file.
The following jsFiddle from Haehn helps: here!
What happens if you modify the filename with no space?
JB Farmer_STL_ACII.stl instead of JB Farmer STL ACII.stl
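The File API route described in the answer above, as an added example that is not part of the original thread: the user picks the .stl file, `FileReader` hands its text to the page, and a small parser turns ASCII STL into vertex triples. `MAX_BYTES`, `parseAsciiStl`, `readStlFromUser` and the sample mesh are assumptions made for this illustration; converting the result into an `X.mesh` is left out.

```javascript
// Added example (not from the original answers): parse ASCII STL text obtained
// through the HTML5 File API instead of an XHR to a file:// URL.
const MAX_BYTES = 20 * 1024 * 1024; // assumed size cap, tune for your meshes

function parseAsciiStl(text) {
  const lines = text.split(/\r?\n/).map((l) => l.trim()).filter(Boolean);
  if (!lines.length || !/^solid\b/.test(lines[0])) throw new Error('missing "solid" header');
  const triple = (parts) => {
    const v = parts.map(Number);
    if (v.length !== 3 || !v.every(Number.isFinite)) throw new Error('bad triple: ' + parts.join(' '));
    return v;
  };
  const normals = [], triangles = [];
  let current = null; // vertices of the facet currently being read
  for (const line of lines.slice(1)) {
    const t = line.split(/\s+/);
    if (t[0] === 'facet' && t[1] === 'normal') {
      normals.push(triple(t.slice(2)));
      current = [];
    } else if (t[0] === 'vertex') {
      if (!current) throw new Error('vertex outside of a facet');
      current.push(triple(t.slice(1)));
    } else if (t[0] === 'endfacet') {
      if (!current || current.length !== 3) throw new Error('facet needs 3 vertices');
      triangles.push(current);
      current = null;
    }
  }
  // Binary STL files may also start with "solid" but contain no facet keywords.
  if (current || triangles.length === 0) throw new Error('truncated or binary STL');
  return { name: lines[0].replace(/^solid\s*/, ''), normals, triangles };
}

// Browser only: `file` is the File the user picked in <input type="file">.
function readStlFromUser(file) {
  return new Promise((resolve, reject) => {
    if (file.size > MAX_BYTES) return reject(new Error('file too large'));
    const reader = new FileReader();
    reader.onload = () => {
      try { resolve(parseAsciiStl(reader.result)); } catch (e) { reject(e); }
    };
    reader.onerror = () => reject(reader.error);
    reader.readAsText(file);
  });
}

// Constructed sample input: a single triangle.
const SAMPLE_STL = 'solid demo\nfacet normal 0 0 1\nouter loop\nvertex 0 0 0\n' +
  'vertex 1 0 0\nvertex 0 1 0\nendloop\nendfacet\nendsolid demo';
```

Because the page only ever sees the one file the user selected, no browser flag that opens up `file://` access is needed.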

Cleansing string / input in Coldfusion 9

I have been working with Coldfusion 9 lately (background in PHP primarily) and I am scratching my head trying to figure out how to 'clean/sanitize' input / string that is user submitted.
I want to make it HTMLSAFE, eliminate any javascript, or SQL query injection, the usual.
I am hoping I've overlooked some kind of function that already comes with CF9.
Can someone point me in the proper direction?
Well, for SQL injection, you want to use CFQUERYPARAM.
As for sanitizing the input for XSS and the like, you can use the ScriptProtect attribute in CFAPPLICATION, though I've heard that doesn't work flawlessly. You could look at Portcullis or similar 3rd-party CFCs for better script protection if you prefer.
This is an addition to Kyle's suggestions, not an alternative answer, but the comments panel is a bit rubbish for links.
Take a look at the ColdFusion string functions. You've got HTMLCodeFormat, HTMLEditFormat, JSStringFormat and URLEncodedFormat. All of which can help you with working with content posted from a form.
You can also try to use the regex functions to remove HTML tags, but it's never a precise science. This ColdFusion based regex/html question should help there a bit.
You can also try to protect yourself from bots and known spammers using something like cfformprotect, which integrates Project Honeypot and Akismet protection amongst other tools into your forms.
You've got several options:
"Global Script Protection" Administrator setting, which applies a regular expression against post and get (i.e. FORM and URL) variables to strip out <script/>, <img/> and several other tags
Use isValid() to validate variables' data types (see my in depth answer on this one).
<cfqueryparam/>, which serves to create SQL bind parameters and validate the datatype passed to it.
That noted, if you are really trying to sanitize HTML, use Java, which ColdFusion can access natively. In particular use the OWASP AntiSamy Project, which takes an HTML fragment and whitelists what values can be part of it. This is the same approach that sites like SO and slashdot.org use to protect submissions and is a more secure approach to accepting markup content.
Sanitization of strings in ColdFusion, and in pretty much any language, is very important and depends on what you want to do with the string. Most mitigations are for
saving content to database (e.g. <cfqueryparam ...>)
using content to show on next page (e.g. put url-parameter in link or show url-parameter in text)
saving files and using upload filenames and content
There is always a risk if you follow the idea to prevent and reduce a string by allowing basically everything in the first step and then sanitizing malicious code "away" by deleting or replacing characters (blacklist approach).
The better solution is to replace strings with rereplace(...) against regular expressions that explicitly allow only the characters needed for the scenario you use it in, as an easy solution, whenever this is possible. Use cases are inputs for numbers, lists, email addresses, URLs, names, ZIP codes, cities, etc.
For example, if you want to ask for an email address, you could use
<cfif reFindNoCase("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.(?:[A-Z]{2,})$", stringtosanitize)>...ok, clean...<cfelse>...not ok...</cfif>
(or your own regex).
For HTML input or CSS input I would also recommend the OWASP Java HTML Sanitizer Project.