irigsoft

  1. irigsoft

    Browser Alt Tab

    Hi, maybe this will help:
    https://stackoverflow.com/questions/4651193/event-when-a-web-page-gets-focused
    https://stackoverflow.com/questions/7389328/detect-if-browser-tab-has-focus
  2. Hi, I use different parameters to load different forms, like this: 127.0.0.1:8077/?form=Admin
  3. Hi, I give you an example of how to do it with Delphi, but you can find more examples and try to print directly without PrintDialog (because the dialog is shown on the server side and can't be useful). @Woutero, here are some examples: https://forum.lazarus.freepascal.org/index.php?topic=47640.0

         Printer.SetPrinter('Microsoft Print To PDF');
         Printer.Copies:=1;
         // PrintDialog1.PrintToFile:=true;
         // Printer.FileName:=suggestFileName()+'.pdf';
         doPrint();

     "For me your code is working. Please see attached demo. It checks whether the "Microsoft print to PDF" printer is available, selects it and sets the filename by setting the FileName property. (When the printer is not found it opens the PrintDialog)." https://forum.lazarus.freepascal.org/index.php?PHPSESSID=lhgjmk83bcjm7trnihen5tbt77&action=dlattach;topic=47640.0;attach=34509
  4. Hi, why not just print to the Windows PDF printer and show the saved (printed) document to the user?
     https://stackoverflow.com/questions/25371291/print-a-string-directly-to-printer
     https://www.delphibasics.co.uk/Article.php?Name=Printing
     https://www.google.com/search?q=delphi+print+to+printer&oq=delphi+print+to+printer&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIICAEQABgWGB7SAQg1Njg4ajBqN6gCALACAA&sourceid=chrome&ie=UTF-8
  5. For your need, the best solution will be AI. We will wait for this option in uniGUI.
  6. So, this means that everything will be saved in the DB. Can you create some server-side protection based on the examples from the link above?
  7. Hi, maybe this will help to apply some proposal for protection: https://stackoverflow.com/questions/273516/how-do-you-implement-a-good-profanity-filter
     List of bad words (a couple of languages): https://github.com/LDNOOBW/List-of-Dirty-Naughty-Obscene-and-Otherwise-Bad-Words
     Where do you get these obscenities in the uniGUI interface?
  8. Hi, I'm going to add a new way to protect cookies, but I can't test it; if someone can confirm my code is working, I'd appreciate it. Add this to MainForm.Script:

         function getCookie(name) {
           const value = `; ${document.cookie}`;
           const parts = value.split(`; ${name}=`);
           if (parts.length === 2) return parts.pop().split(';').shift();
         };
         //function setCookie () {
         var keyValue = getCookie ('UNI_GUI_SESSION_ID');
         document.cookie = 'UNI_GUI_SESSION_ID=' + keyValue + ';Secure=true;SameSite=Strict';
         keyValue = getCookie ('UNI_GUI_SESSION_ID');
         document.cookie = 'UNI_GUI_SESSION_ID=' + keyValue + ';HttpOnly=true';
         //};
  9. Hi, I'm going to add a new way to protect cookies, but I can't test it; if you can confirm my code is working, I'd appreciate it. Add this to MainForm.Script:

         function getCookie(name) {
           const value = `; ${document.cookie}`;
           const parts = value.split(`; ${name}=`);
           if (parts.length === 2) return parts.pop().split(';').shift();
         };
         //function setCookie () {
         var keyValue = getCookie ('UNI_GUI_SESSION_ID');
         //alert (keyValue);
         //setCookie(key, keyValue, '-1');
         document.cookie = 'UNI_GUI_SESSION_ID=' + keyValue + ';Secure=true;SameSite=Strict';
         keyValue = getCookie ('UNI_GUI_SESSION_ID');
         document.cookie = 'UNI_GUI_SESSION_ID=' + keyValue + ';HttpOnly=true';
         //};
  10. If someone has already done this, please help. How do I block duplicate GET URL parameters?
      HTTP Parameter Pollution (HPP): https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/04-Testing_for_HTTP_Parameter_Pollution
      Insecure direct object references (IDOR): https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/05-Authorization_Testing/04-Testing_for_Insecure_Direct_Object_References
  11. I am working to secure my standalone app. Now I am on HTTP Parameter Pollution (HPP) and insecure direct object references (IDOR). I need to check for, and disable, any security issues with URL parameters and POST parameters. To succeed I need to block HTTP Parameter Pollution (HPP):
      1. On UniGUIServerModuleHTTPCommand, I check ARequestInfo.Params
      2. On UniGUIMainModuleHandleRequest, I check TUniGUISession(ASession).ARequest.Params
      3. On UniMainFormCreate, I check UniApplication.Parameters
      But if it is possible to capture and check the POST parameters at these 3 points, that would be even better. If someone can help, please advise. More info about the problems:
      https://www.imperva.com/learn/application-security/http-parameter-pollution/
      https://www.imperva.com/learn/application-security/insecure-direct-object-reference-idor/
      https://medium.com/@jetti.dinesh/insecure-direct-object-reference-idor-vulnerabilities-df551431eb7b
      https://portswigger.net/web-security/access-control/idor
  12. Hello. I need to handle and check all parameters sent with a POST request; I need to check whether the parameters (username and password) contain valid data before using them. Is there something like ARequestInfo.Params on uniServerModule that I can use? Like this example:

          POST /users HTTP/1.1
          Host: bookstore.com
          Content-Type: application/x-www-form-urlencoded
          Content-Length: length

          username=BookLover101&password=SecretPassword

      In this example, the first line, `POST /users HTTP/1.1`, indicates a POST request. The `Host` is where the request is being sent. The `Content-Type` tells the server what data is being sent (in this case, form data), and `Content-Length` specifies how long the body data is.
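
On the cookie flags discussed in posts 8 and 9: a cookie write through `document.cookie` that carries `HttpOnly` is ignored by the browser, so that flag has to arrive in the server's `Set-Cookie` response header. The following is an added example, not irigsoft's code and not part of uniGUI, that audits such a header; `parseSetCookie` and `auditSessionCookie` are hypothetical names and the header strings in the usage comment are constructed.

```javascript
// Added example: audit a Set-Cookie response header for the session cookie.

// Split a Set-Cookie header value into name, value and a lower-cased attribute map.
function parseSetCookie(header) {
  const [first, ...rest] = header.split(';').map((p) => p.trim());
  const eq = first.indexOf('=');
  const cookie = { name: first.slice(0, eq), value: first.slice(eq + 1), attrs: new Map() };
  for (const part of rest) {
    if (part === '') continue;
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    cookie.attrs.set(key, i === -1 ? '' : part.slice(i + 1).trim());
  }
  return cookie;
}

// Return a list of findings; an empty list means all three protections are present.
function auditSessionCookie(header, expectedName) {
  const c = parseSetCookie(header);
  const findings = [];
  if (c.name !== expectedName) findings.push(`not the ${expectedName} cookie`);
  if (!c.attrs.has('secure')) findings.push('missing Secure');
  if (!c.attrs.has('httponly')) findings.push('missing HttpOnly');
  const sameSite = (c.attrs.get('samesite') || '').toLowerCase();
  if (sameSite !== 'strict' && sameSite !== 'lax') findings.push('SameSite missing or None');
  return findings;
}

// Constructed sample headers (the session id value is made up):
//   auditSessionCookie('UNI_GUI_SESSION_ID=abc123; Path=/', 'UNI_GUI_SESSION_ID')
//   auditSessionCookie('UNI_GUI_SESSION_ID=abc123; Path=/; Secure; HttpOnly; SameSite=Strict',
//                      'UNI_GUI_SESSION_ID')
```

Run it against the `Set-Cookie` line captured from the server's first response (browser developer tools or a proxy log) to confirm what the server actually sends.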
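
The duplicate-parameter check asked about in posts 10 to 12, as an added example that is not irigsoft's code and does not use the uniGUI API: it works on the raw query string and the raw form-urlencoded body, which the server handler would have to supply. `checkParams`, `parsePairs`, `decodeComponent` and the allow-list are hypothetical names, and case-insensitive name matching is an assumption about how the server looks parameters up.

```javascript
// Added example (not uniGUI code): flag repeated or unexpected request parameters.

// Decode one form-urlencoded component; null means a malformed %-escape.
function decodeComponent(s) {
  try {
    return decodeURIComponent(s.replace(/\+/g, ' '));
  } catch (e) {
    return null;
  }
}

// Split a raw query string or form body into [name, value] pairs, keeping repeats.
function parsePairs(raw) {
  const pairs = [];
  for (const part of raw.replace(/^\?/, '').split('&')) {
    if (part === '') continue;
    const eq = part.indexOf('=');
    const name = decodeComponent(eq === -1 ? part : part.slice(0, eq));
    const value = decodeComponent(eq === -1 ? '' : part.slice(eq + 1));
    pairs.push([name, value]);
  }
  return pairs;
}

// Check query string and POST body together against an allow-list of names.
// Names are compared after decoding and lower-casing (assumption: the server
// matches names case-insensitively), so "fo%72m" and "Form" both count as "form".
function checkParams(rawQuery, rawBody, allowed) {
  const seen = new Map(); // name -> where it first appeared
  const problems = [];
  for (const [source, raw] of [['query', rawQuery], ['body', rawBody]]) {
    for (const [name, value] of parsePairs(raw || '')) {
      if (name === null || value === null) {
        problems.push(`${source}: malformed encoding`);
        continue;
      }
      const key = name.toLowerCase();
      if (!allowed.includes(key)) problems.push(`${source}: unexpected parameter "${key}"`);
      if (seen.has(key)) problems.push(`${source}: duplicate parameter "${key}" (first seen in ${seen.get(key)})`);
      else seen.set(key, source);
    }
  }
  return { ok: problems.length === 0, problems };
}
```

A request that fails the check should be rejected before any handler reads its parameters, since different layers may pick the first or the last copy of a repeated name.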