As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 9 years ago.
Anyone familiar with specific security issues in the current version of DotNetNuke?
(I've already checked out their site, securityfocus, etc...)
I've reopened the question, since my client developed their system using DotNetNuke - hence it is a programming question. I just need to know some issues regarding this platform.
DNN Vulnerability information will be at:
http://www.dotnetnuke.com/News/SecurityPolicy/tabid/940/Default.aspx
I'm not aware of any security issues that have been announced with the current version of DotNetNuke (4.9.0). The security policy of DotNetNuke is to address any known security issues as soon as they are discovered. They won't release a version with a known security issue.
I just want to add to this, that DotNetNuke corporation, right or wrong, asks that people not publicly discuss exploit details if known, as it exposes the wide community to greater risk.
Typically the rule of thumb with DNN is to upgrade to the most current version, and keep an eye on the security items posted on the site, also, keeping an eye on Cathal's blog is a good idea as he is the head security person.
Related
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I need to choose an open source BPEL engine for my work. I'm new to BPEL and I've never worked with any BPEL engine. Which engine would you recommend me that is easy to configure and use for a begginer? Brief explanation but I really have to experience at all.
We use Apache ODE at work, and it works fine. The project support we have via mailing lists is enough for us.
I used Oracle's BPEL engine about two years ago. It was both a nightmare to configure, and fairly half-baked in terms support. Even their example code didn't work properly. Things may have changed since then.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I create a web server with Node.js. I'm using the Express framework. The database is MongoDB.
I want to host web server on a Linux machine. I don't know how to make the decision between the different Linux distributions, such as Debian, Unbuntu or RedHat.
My questions are:
What is the main difference of the different distributions?
Which factors should I take into account?
Which one is better for my requirement?
What is the main difference of the different distributions?
Nothing. (As long as running node.js is the only concern)
Which factors should I take into account?
Whether any unresolved issues are yet to be addressed by node.js.
Which one is better for my requirement?
I would consider Ubuntu, as it's popular & bugs are addressed faster due to shorter release cycle.
I'm using it in Debian. Rock solid!
In your case it also complies with the clever tip that Joachim Isaksson gave you - use whatever you're familiar with.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I am developing a ASP.NET MVC app deployed on Azure, and looking for a library providing asynchronous transport mechanism/fallback.
After my own research, I've concluded that there are two well-known candidates - Socket.io and SignalR.
My question is simple) What's the pros and cons of them? It there any good reason to use one over the other?
thanks :)
I'd have to say that SignalR is definitely the best approach for your application. With the current build our laptops serving as servers are pushing around 350k messages/s. With the next release it will be even higher (several multiples higher judging by current tests).
Check out the main site: http://signalr.net/
The GitHub: https://github.com/SignalR/SignalR
JabbR for questions: http://jabbr.net/#/rooms/signalr
I've never used SignalR and according to what google tells me it is a replacement solution for .Net apps.
So I guess you should give it a try.
Socket.IO is awesome, I love it but I'm a noder. According to their doc there is no .net/c# bindings. Maybe their doc is not up to date.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I could not find anywhere on google information about Spotify Apps that would say anything about the future plans of this expansion, in particular, if it would be possible to publish your own app somewhere on the future Spotify App Store or something similar to that. Does anybody know if this feature is in the future development plans of the company?
The process for getting your application published on the App Finder is here:
https://developer.spotify.com/technologies/apps/process/
Specifically, we request you submit a concept to us first so we don't end up with duplicate apps, then once that's approved the process is fairly standard - you make the app, we make sure it's good enough for the App Finder, then it gets published.
If you've already started to make an app, no matter - just submit it as a concept anyway and we can work from there.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I'm looking for a good book on writing secure code, with an emphasis on mobile applications. A practitioner's approach would be better than a academic discussion of the theory/algorithms/etc.
What would you recommend?
'Writing Secure Code' by Microsoft is okay - if a tad Microsoft specific, and you could have a look at 'Developing Secure Mobile Applications for Android' by ISEC
See also Are there any coding guidelines for the Android platform that focus on security? and Android API/development security pitfalls, which are nominally focused on Android -- but actually raise issues that are relevant to every mobile application platform.