security

问题 In Access 2013 (64-bit) I'm opening another database (db2) when the user clicks a button on a form in db1. This is working. However, when it opens db2 I get the warning bar "Security warning: Some active content has been disabled. Click for more details" with a button to enable the content. This is annoying and when I open the database from db1 with forms also opened, when I click the button to enable the content all currently open forms are closed. Both databases are in the same directory,

问题 In Access 2013 (64-bit) I'm opening another database (db2) when the user clicks a button on a form in db1. This is working. However, when it opens db2 I get the warning bar "Security warning: Some active content has been disabled. Click for more details" with a button to enable the content. This is annoying and when I open the database from db1 with forms also opened, when I click the button to enable the content all currently open forms are closed. Both databases are in the same directory,

问题 I want to set up very simple http server whith replaces few keywords in single html file and send it in repspond to request to clients. Python's http.server looks good for me but in documentation I found: Warning http.server is not recommended for production. It only implements basic security checks. and in source code: SECURITY WARNING: DON'T USE THIS CODE UNLESS YOU ARE INSIDE A FIREWALL -- it may execute arbitrary Python code or external programs. Do you know any way to create safty http

问题 I'm new to android, I have seen many people hiding their SHA-1 certificate fingerprint. I have developed an app using google play services and shared it with someone. It has my SHA-1 certificate fingerprint in it. Can a hacker do any damage to me by knowing my SHA-1 Certificate. Thanks. 回答1: The certificate fingerprint is calculated from the certificate. The certificate itself is public information and transferred in clear during the SSL/TLS handshake. Which makes the fingerprint public

问题 How we can make sure that the docker base image for example ubuntu:latest are not corrupted?? That is how to check the authenticity of docker base images?? 回答1: Checksum verification docker pull verifies download of its each layer using Checksum. It will detect corrupted download. $ docker pull ubuntu:latest latest: Pulling from library/ubuntu 1be7f2b886e8: Downloading [=====> ] 4.865MB/42.86MB 6fbc4a21b806: Download complete c71a6f8e1378: Download complete 4be3072e5a37: Verifying Checksum <<

问题 I currently have been given the following java code snippet as an example of how to calculate a hash based on a supplied 'in' and 'salt' variable. In these examples the variables are hardcoded for testing: package generatehash; import java.security.MessageDigest; import sun.misc.BASE64Encoder; public class GenerateHash { public static void main(String[] args) { String in = "abcdef12345"; String salt = "test1"; try { MessageDigest hash = MessageDigest.getInstance("SHA-256"); byte[] digest =

问题 Our application works with Active Directory users and groups. We are using LDAP on port 389 for Active Directory operations. Now, one of our clients want us add an option for using LDAP + SSL for Active Directory communication. They told us that they have a local CA installed on their domain and using self signed certificate for LDAPS. They also told us that they will provide the certificate, no mutual-trust needed and we should use Windows certificate store. I have developed a test

问题 I'm looking into using Stripe.js for payment processing in a mobile web application wrapped in Cordova. According to the Stripe documentation all checkout pages should be served over https. Since Cordova will technically be serving these pages locally in a webview, are there any security concerns I should worry about? Note: I will still be using https to submit the tokenized card details from Stripe to my remote API server to actually complete the charge. 回答1: I'm an engineer at Stripe.

问题 How can I turn on HTTP Strict Transport Security (HSTS) for Azure WebRoles? 回答1: The accepted answer is confusing and the correct answer (on ServerFault) is hidden in the comments, so I'll just recap it quickly here. Basically this is what you want to do: Redirect all HTTP requests to HTTPS Add the Strict-Transport-Security header to all HTTPS requests The appropriate web.config would look like this: <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules>

问题 How can I turn on HTTP Strict Transport Security (HSTS) for Azure WebRoles? 回答1: The accepted answer is confusing and the correct answer (on ServerFault) is hidden in the comments, so I'll just recap it quickly here. Basically this is what you want to do: Redirect all HTTP requests to HTTPS Add the Strict-Transport-Security header to all HTTPS requests The appropriate web.config would look like this: <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules>