Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





Search Forums

(Advanced Search)

Forum Statistics
» Members: 649
» Latest member: brownelon258
» Forum threads: 998
» Forum posts: 5,096

Full Statistics

Online Users
There are currently 56 online users.
» 3 Member(s) | 51 Guest(s)
Bing, Google, Comograma, Jose Nilton Pace, MJS@mjs.us

Latest Threads
Check this out! IntraWeb ...
Forum: IntraWeb General Discussion
Last Post: Comograma
3 hours ago
» Replies: 5
» Views: 132
IdHTTPServer and session ...
Forum: Indy General Discussion
Last Post: rlebeau
Yesterday, 06:42 PM
» Replies: 3
» Views: 36
IWAppCache question - ctO...
Forum: IntraWeb General Discussion
Last Post: Alexandre Machado
Yesterday, 07:35 AM
» Replies: 1
» Views: 38
Ciphers
Forum: IntraWeb General Discussion
Last Post: zsleo
05-27-2020, 07:02 AM
» Replies: 17
» Views: 295
Bootstrap
Forum: IntraWeb General Discussion
Last Post: ShaneStump
05-27-2020, 12:33 AM
» Replies: 1
» Views: 48
CheckActiveFormInSync sho...
Forum: IntraWeb General Discussion
Last Post: gerritschurer
05-26-2020, 01:39 PM
» Replies: 2
» Views: 62
First time runing Error!
Forum: COSMOS General Discussion
Last Post: Quajak
05-26-2020, 09:12 AM
» Replies: 7
» Views: 77
Reported security issue v...
Forum: IntraWeb General Discussion
Last Post: joel
05-25-2020, 06:29 PM
» Replies: 4
» Views: 149
System.BadimageformatExce...
Forum: CrossTalk General Discussion
Last Post: kudzu
05-25-2020, 05:40 PM
» Replies: 5
» Views: 60
Barcode Scanning?
Forum: IntraWeb General Discussion
Last Post: ShaneStump
05-25-2020, 11:54 AM
» Replies: 15
» Views: 181

 
  Ajust screen on smartphone and tablet
Posted by: newuser - 05-22-2020, 10:42 AM - Forum: IntraWeb General Discussion - Replies (1)

Hi,
Does anyone know how to let the app size respond on the device and screen size and the position (landscape / portrait)?
I've tried WebApplication.FormHeight

Print this item

  IWMemo Maximum Lines reached
Posted by: DavidChiq - 05-21-2020, 04:42 PM - Forum: IntraWeb General Discussion - Replies (1)

I have been using IWMemo to display log files to the user and in the past have not had any problems; at least that I could find.  In the latest versions however, I am not getting the web browser to display all of the lines that are read in using LoadFromFile.  I even tried adding the lines one at a time using a separate read function but it still will only show about 273 lines of my text file.  Some of these logs can get VERY large.  Is there a way to increase the "size" of the data in the IWMemo component?  Is there another component that might work better?  FYI - currently using IntraWeb 15.1.9 in Delphi 10.2 but the problem is in versions created several months ago also.

Thanks!
David C

Print this item

  Ciphers
Posted by: zsleo - 05-21-2020, 12:38 AM - Forum: IntraWeb General Discussion - Replies (17)

One of my web apps is being PCI certified.

1. How do I restrict ciphers from being used?

For example, I want to disallow ciphers
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
.. and others

2. I have an auditor querying if we can prevent ECDH public server param reuse

Is this possible and if so how.


TIA

Print this item

  Anyone using Auth0, FusionAuth, Okta, IdentityServer, Keycloak or equivalent?
Posted by: ioan - 05-20-2020, 07:00 PM - Forum: IntraWeb General Discussion - Replies (1)

I'm researching how to get our web application to be more secure and it seems that using one of the existing account management system like Auth0, FusionAuth, Okta, IdentityServer or  Keycloak would be the best solution. 

Did any of you use one of the account management systems available, with Delphi and IntraWeb? 

Any advice or direction is greatly appreciated.

Print this item

  Reported security issue vulnerabilty
Posted by: joelcc - 05-20-2020, 05:16 PM - Forum: IntraWeb General Discussion - Replies (4)

We have a third party company that is reviewing our websites.

They have reported some security issues that they are requiring us to address.


---------------------
Here is their description of the problem:  Cross Site Scripting

The "callback", "ajaxevent" and "ArowId" parameters found on https://site.somewhere.com/iw/Isiw.dll//$/callback can be modified to include executable JavaScript.

Note: The request requires a valid 'IW_SessionID' value that can be obtained by going to the application (no authentication required)

----------------------------

It sounds to me that they think a user can grab a session_id from the site and then use it to do an ajax callback with some malicious code.

Do you have How do I mitigate this risk?

We are currently using iw 14.  Are there some changes in iw15 that would help?

Print this item

  accessing user name
Posted by: tobenschain - 05-20-2020, 01:41 PM - Forum: IntraWeb General Discussion - Replies (2)

Users are demanding that the user name entered during log in be used for intraweb app. They say i should use LDAP so they do not have to reenter user name and password. Do i use WebApplication.Request.mAuthUser?

Print this item

  MessageDlg in Intraweb (message with dialog buttons)
Posted by: a.palladino - 05-20-2020, 08:55 AM - Forum: IntraWeb General Discussion - Replies (4)

There is a function similar to Messagedlg for intraweb
Tanks

Print this item

  TIWFileUploader: SelectFile()
Posted by: JuergenS - 05-19-2020, 01:28 PM - Forum: IntraWeb General Discussion - No Replies

Hi,

Apparently TIWFileUploader only works for the Windows platform.

Is that the case or should it also work with browsers on Android devices?

C++Builder 10.3.3

IntraWeb 15.1.22

Regards
Juergen

Print this item

  TIWServerController: OnBeforeNewSession/OnNewSession
Posted by: JuergenS - 05-19-2020, 01:26 PM - Forum: IntraWeb General Discussion - No Replies

Hi,

I have found that a new session is always created with an HTTP request
and the OnNewSession event is triggered, whether in the OnBeforeNewSession event
the parameter vCanCreate is set to true or false.

Should a new session not only be created with vCanCreate = true


C++Builder 10.3.3

IntraWeb 15.1.22

Regards
Juergen

Print this item

  OnClick vs OnAsyncClick
Posted by: newuser - 05-16-2020, 07:58 AM - Forum: IntraWeb General Discussion - Replies (3)

Hi,
Can anyone tel me the difference?

Print this item