I am activating the web feature through code
web.Features.Add(new Guid("e03a943d-9a68-48cf-9a42-cb65be8fc4fb"));
The feature code is completed the execution but in the manage site feature page the feature show like not activated.
What is reason for this?
I think the add feature method is known to be a bit buggy.
It does not report exceptions even when it fails.
Things to check for:
Are you running this as Site Collection Admin?
Does this feature require other features to be enabled?
Check the ULS logs for errors, if needed include a custom tracer to make it easy to locate problems
Related
I'm new to ZAP tool so sorry in advance if question is stupid, but I cannot find answer on it so far...
I have to fix all the vulnerabilities in some application, so I installed ZAP proxy tool locally, then explored application manually, collected all the requests and ran 'Active scanner' against it. So far everything is good, but the problem is that application quite big and it's very difficult and time consuming to cover everything manually. Fortunately we have dedicated automation environment where I can setup ZAP proxy and let test's go and populate context (set of url's for test) for me
So now my task is somehow share context's between different environments with ability to change base addresses
e.g. I populated context on somedomain/myapp and want run ZAP tool against same application deployed locally, or in different server (e.g. localhost/myapp)
It would be very helpful if someone could share any info how to achieve that.
Thank you in advance,
Eugene
It seems that you can create new context and then add existing links to that context.
Craete a new context
Add existing link to the selected content (right click)
Check this link.
https://chrisdecairos.ca/intercepting-traffic-with-zaproxy/
Tiago
I'm having trouble loading my updated XML for a contextual gadget in gmail. I was reading through the Google Gadgets FAQ, and it is stated that the XML files are cached for a few hours.
I've been searching for a while on how to get around this and found a few solutions such as:
Add a nocache=1 (or something close to that) to the querystring
Add anything to the querystring
Use the "My Gadget" gadget to disable caching.
None of these solutions work for me, and I'm suspecting it's because none of them are newer than 2010 and things tend to change. Has anyone else run into this issue recently?
It is not &nocache=1 but &nogadgetcache=1 that must be added;
make sure you append this before the # in the URL !
from the docs :
Changes to gadget don't show up immediately.
Gmail is probably using a cached version of the gadget. Changes to gadgets can take some time to be reflected because of caching. Solution: Make sure you include the flag &nogadgetcache=1 in the URL when you start Gmail to test your gadgets. This flag ensures that any changes you make to gadgets will show up in your Gmail account immediately. If you reference external resources in your gadget, such as JS or CSS files located on external servers, those resources are still subject to caching.
https://developers.google.com/gmail/contextual_gadgets
I am trying to load test a website where lot of images are called via Ajax and the very first thing i.e. logging into the application opens up a pop up when we click on log in button. I tried JMeter proxy settings to record it but failed. Also tried with Badboy, and it didn't work out too.
The limitations I have with me is I need to load test it with JMeter only. Are there any plugins available which can be integrated to JMeter so that AJAX and pop ups in an application can be handled in a much better way.
In general, JMeter does not have a problem with Ajax or Popups - so there is no plugin to address such. Both recording and playback happens at the HTTP layer so things like popups are somewhat irrelevant and Ajax is more a matter of timing; but in both cases it is only the HTTP call that matters. So, if you are having a problem, it could be something else that is holding you up. Try playing with the Proxy settings or using a different browser, beyond that you would need to expand 'didn't work out' and 'it failed' into a more detailed problem statement!
One solution - regardless of your exact problem - is to build the testplan manually, this is often actually the easiest way to work with JMeter. You can use a tool like fiddler or charles to examine the traffic and create the requests directly based on what you see. You can also use browser dev tools to do this. You might instinctively think this is going to be difficult but it's not and the added bonus is that the process gives you a solid understanding of how whatever it is you are testing actually works - which is always nice to have.
JMeter is a tool for testing server-side activity; as long as you record every request to server-side it doesn't care whatever happens on the client. Can you give details abt why JMeter "failed" to record Ajax requests?
Are you sure that you have included recording controller to your Jmeter thread group?
I think you are missing with you configuration for "recording controller" or "HTTP Request Sampler"
Some more information about your "didn't work" situation will be much more helpful.
I'll suggest that you should also have a look at the Jmeter Log file(jmeter.log) created in "Bin" folder to understand the root cause of of the issue.
Thanks,
I'm trying to find a non-SSL resource that is being loaded on my site.
This happens occasional where one of us forgets to use the https version of a resource (like some js in a CDN).
My question is there any firebug-like tools to find these "Turds in the punch bowl"? I want my green padlock back :)
Besides Firebug, which you've mentioned, you can use the developer tools in Chrome:
Tools menu -> Developer Tools
Go through the list of loaded resources in the Network tab
Alternatively, the HttpFox extension for Firefox can also be useful. It will keep logging the traffic even when you change pages, which may be useful in some cases.
(This is very similar to Firebug.)
mitm-proxy is great for stuff like this - http://crypto.stanford.edu/ssl-mitm/
You run it on your local machine in a console window, set your browser to use it as a proxy, and you can watch /log everything that your browser requests. It's a little noisy since it shows SSL hand-shaking and file contents, but you can filter that down. When you need to debug SSL communications it's invaluable to see those details though..
mitm-proxy is based on http://grinder.sourceforge.net/g3/tcpproxy.html which has more in the way of scripting capabilities.
I'm in the process of installing an open-source Python based web application to an internal server here at work. The existing code is open - it doesn't require a login to view it - but one of the requirements is that users have to be approved before they can see anything.
Is there a good way (using Apache configuration files for example, but any method would be great) to wrap the application so that any access requires a login? I would like to avoid modifying the open-source code (a maintenance nightmare every time a new release comes out).
Any thoughts or suggestions?
Apache supports Authentication, Authorization and Access Control.
It is a detailed process, and summarising it here would not do it justice. I refer you to the link provided,