Jump to content

irigsoft

uniGUI Subscriber
  • Posts

    1353
  • Joined

  • Last visited

  • Days Won

    22

Everything posted by irigsoft

  1. ".....a simple flood prevention mechanism by preventing sessions from being created too fast. Unit for this property is milliseconds. ": https://unigui.com/resources/online-documentation/developer-manual
  2. I found solution: when a flood occurs a specific message occurs which can be used to add RemoteIP to the BlockedIPList.
  3. Thanks for the explanation, but the questions are more about what is integrated in unigui and how to integrate it if it doesn't exist. I'm interested in various documentation and modern web security settings, standards, etc., but I don't know what it is and how it's integrated into unigui. For example, since unigui has AntiFlood settings, I want to use it and block the RemoteIP that creates it accordingly. Do you know how to do this in unigui without buying external software? The goal is to make the applications developed, through Uniguy, more secure by applying known standards and security measures
  4. If some one can help, how to know (and add in Blocking list) remoteIP by flood detection from unigui ?
  5. Hi, I am trying to extend my protection against XSS attacks and I am trying to add a Java Encoder, if anyone can help please advise.
  6. Hi, 1. Is it possible to use some Java Encoder to encoded output. 2. Is it possible to integrate this OWASP Java Encoder and how Please look at the OWASP Java Encoder JavaScript encoding examples for examples of proper JavaScript use that requires minimal encoding. https://owasp.org/www-project-java-encoder/
  7. Hello, I'm developing a standalone application and I'm trying to block any IP (add in BlockedIPList) that generates more than two (or more) flood detections. Is it possible to find out this information, through some function in the Servermodule or some variable? For example, when unigui detects the presence of Antifloodperip, to record this in some variable (along with the Remote IP address) that we can read from the server side. Another option is if I can set servermodule.Options.[MoreThenXFloodAddInBlockingList] = 3 and take into account when AntiFloodPerIP > 0
  8. @Sherzod, do you know if it is possible to get this information?
  9. I need to control the traffic of each session. In traffic control, I want to see and block if it is above [trafficeLimit] (parameter controlled by settings file) for each user session. Reason: I want to control when someone tries to upload or send large data packets (if bad people try to block the server) At this point I'm checking when (UniServerModule.ServerStats.BytesSent + UniServerModule.ServerStats.BytesReceived) > [TrafficLimit] via UniGUIServerModuleHTTPCommand, but that gives me all the traffic for the server and I realize that's not what I need. Is there some BytesSent/BytesReceived that applies to each session and how can I track and control it?
  10. maybe this will show you some points: http://forums.unigui.com/index.php?/search/&q=TLS 1.2&quick=1&search_and_or=or&sortby=relevancy and some solutions:
  11. So you dont want to be in fullscreen ?
  12. hi, try this: https://developer.mozilla.org/en-US/docs/Web/API/ScreenOrientation/lock https://stackoverflow.com/questions/55564148/web-app-screen-orientation-lock-orientation-lock-failed
  13. Hi, I have created an android app using webview to use uniGui under android and it is working properly. I don't use FMX ! maybe this will help:
  14. Is it possible to use Hidden Panel like parent for non visible components ? - How Hidden Panel or ContainerPanel ? is it possible to set style.display=none of some DOM elements? - How
  15. Hello. I'm trying to find a way to speed up the loading of the main form. the principle of operation at the moment is the following (everything happens on the server side): 1. Upon login, the customer selects a design to use. This design is stored in a settings file (xml, json, txt) 2. After authorization in the system, the main form loads the file and starts creating the components as they are created in a normal Desktop application, and here in the FormCreate event I use Form.SuspendLayout and in FormReady - Form.ResumeLayout. Apparently something in my way of working is not right as I get a load time of 20 seconds for a 1.5MB component file (about 200 components like panel, groupbox, button, bitbtn, grid). I found some advice on the forum about using a hidden panel, but that moves all the main components (whose parent is the main form) and breaks the design, and doesn't make the form load faster. Can you guide me how to use a hidden panel or other component to speed up the loading of the form components. I must say that a very small fraction of the components that are in the design are used/seen in the form when it is opened (about 10%). Most components are shown or hidden based on user actions.
  16. Hello, I make solution my own. here is it: I use replace URL when user connect and remove some parameters from URL. You try to use this to replace some params when restart session (or use cookies) UniMainModule.CommandLine := TStringList.Create; UniMainModule.CommandLine.StrictDelimiter := True; for i:= 0 to UniApplication.Parameters.Count - 1 do begin try UniMainModule.CommandLine.Add (UniApplication.Parameters [I]); except end; end; //read full URL newURL := UniSession.ARequest.Referer; newURL := StringReplace (newURL,'&user=' + UniMainModule.CommandLine.Values ['user'],'',[rfReplaceAll]); newURL := StringReplace (newURL,'someotherparams=' + UniMainModule.CommandLine.Values ['someotherparams'],'',[rfReplaceAll]); //clear browser data UniSession.AddJS( // Current URL: UniSession.ARequest.Referer 'const nextURL = ''' + newURL + ''';' + 'const nextTitle = ''' + UniServerModule.Title + ''';' + 'const nextState = { additionalInformation: ''Updated'' };' // This will create a new entry in the browser's history, without reloading + 'window.history.pushState(nextState, nextTitle, nextURL);' // This will replace the current entry in the browser's history, without reloading + 'window.history.replaceState(nextState, nextTitle, nextURL);' ); UniSession.ARequest.Referer := newURL; Try it ! here is my replacement of ServerMessages.ExceptionTemplate, InvalidSessionTemplate, TerminateTemplate urlMessage := '<html>' + '<style>' //first style //+ '.button {' //+ ' border: none;' //+ ' color: white;' //+ ' padding: 16px 32px;' //+ ' text-align: center;' //+ ' text-decoration: none;' //+ ' display: inline-block;' //+ ' font-size: 16px;' //+ ' margin: 4px 2px;' //+ ' transition-duration: 0.4s;' //+ ' cursor: pointer;' //+ ' border-radius: 12px;' //+ ' box-shadow: 0 8px 16px 0 rgba(0,0,0,0.2), 0 6px 20px 0 rgba(0,0,0,0.19);' //+ ' margin: 0;' //+ ' position: absolute;' //+ ' top: 10%;' //+ ' left: 50%;' //+ ' -ms-transform: translate(-50%, -50%);' //+ ' transform: translate(-50%, -50%);' //+ '}' //+ '.button1 {' //+ ' background-color: white;' //+ ' color: black;' ////+ ' border: 2px solid #4CAF50;' //+ '}' //+ '.button1:hover {' //+ ' background-color: #4CAF50;' //+ ' color: white;' //+ '}' //like click //+ '.button1:active {' //+ ' background-color: #3e8e41;' //+ ' box-shadow: 0 5px #666;' //+ ' transform: translateY(4px);' //+ '}' //second style + '.button {' + ' font-size: 16px;' + ' margin: 4px 2px;' //+ ' transition-duration: 0.4s;' + ' text-align: center;' + ' text-decoration: none;' + ' display: inline-block;' + ' padding: 16px 32px;' + ' text-align: center;' + ' position: absolute;' + ' cursor: pointer;' + ' outline: none;' + ' color: #fff;' + ' background-color: #04AA6D;' + ' border: none;' + ' border-radius: 15px;' + ' box-shadow: 0 9px #999;' + ' top: 10%;' + ' left: 43%;' //+ ' -ms-transform: translate(-50%, -50%);' //+ ' transform: translate(-50%, -50%);' + '}' + '.button:hover {background-color: #3e8e41}' + '.button:active {' + ' -webkit-animation:anim-effect-c 2s;'// forwards;' + ' color: red;' // + ' background-color: #3e8e41;' + ' background-color: yellow;' + ' box-shadow: 0 5px #666;' + ' transform: translateY(4px);' + ' }'//:active // + '.button::after {' // + ' -webkit-animation:anim-effect-c 2s forwards;' // + ' background-color: red;' // + ' -webkit-transform:scale3d(0.3,0.3,1);' // + '}'//:after + '@-webkit-keyframes anim-effect-c {' + ' 0% {' + ' opacity:1;' + ' -webkit-transform:scale3d(0.5,0.5,1);' + ' }' + ' 15% {' + ' opacity:1;' + ' -webkit-transform:scale3d(1.5,1.5,1);' + ' }' + ' 30% {' + ' opacity:1;' + ' background-color: red;' + ' color: green;' + ' -webkit-transform:scale3d(2,2,1);' + ' }' + ' 50% {' + ' opacity:0;' + ' background-color: blue;' + ' color: red;' + ' -webkit-transform:scale3d(0.3,0.3,1);' + ' }' + ' 100% {' + ' opacity:0;' + ' background-color: #3e8e41;' + ' -webkit-transform:scale3d(1,1,1);' + ' }' + '}'//@-webkit-keyframes anim-effect-c + '</style>' //reload page + '<script>' + 'function redirect() {' //remove hash from url, else block and have problem + ' var url = window.location.href;' + ' var hash = window.location.hash' + 'endss' + ';' + ' var index_of_hash = url.indexOf(hash) || url.length;' + ' var hashless_url = url.substr(0, index_of_hash);' //+ ' alert (hashless_url);' + ' location.href = hashless_url;' //clear url //+ 'location.href = window.location.href;' //replace hash //+ 'location.href.replace(location.hash,"");' + '}' + '</script>' + '<body bgcolor="#dfe8f6">' + '<p style="text-align:center;color:#0000A0">[###message###]</p>' + '<button class="button button1" type="button" onclick=redirect()>Restart application</button>' + '</body>' + '</html> ServerMessages.ExceptionTemplate.Text := urlMessage; ServerMessages.InvalidSessionTemplate.Text := urlMessage; ServerMessages.TerminateTemplate.Text := urlMessage;
  17. maybe not if you use this in bat file: set "params=%*" cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || ( echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B ) net stop YOURServiceName net start YOURServiceName //pause or this file: Restart_application.bat
  18. Hi, I'm looking for a way to speed up my unigrid on mobile. I get different time for the same design on desktop (4 GB RAM, 3.2 GHz CPU) = 1 second and mobile device (Android 2 GB RAM, 1.5 GHz CPU) = 5 seconds The rendering time is different. I searched the web and found suppressColumnVirtualisation=true from https://www.ag-grid.com/javascript-data-grid/grid-options/#scrolling or jquery-UI and jqgrid from https://stackoverflow.com/questions/24144077/javascript-jquery-runs-fast-in-desktop-browsers-but-slow-in-mobile-smartphone-b Is it possible (and how) to block a column on rendering like suppressColumnVirtualisation? I use UniGui Professional v1551
  19. this procedure get own thread ID and close it. So this restart application as Stand alone app.
  20. Hello. You can use Ajax to start procedure on server and this procedure to restart app procedure uniServerModule.RestartApp; var FullProgPath: PChar; begin FullProgPath := PChar(Application.ExeName);// + ' ' + ParamStr(1)); {repeat R := MsgWaitForMultipleObjects(EventCount, EventArray, False, INFINITE, QS_ALLINPUT); if R = WAIT_OBJECT_0 + EventCount then begin while PeekMessage(M, 0, 0, 0, PM_REMOVE) do begin if M.Message = WM_QUIT then Break; TranslateMessage(M); DispatchMessage(M); end; if M.Message = WM_QUIT then Break; end; until Terminated; } //uniApplication.Terminate; UniServerModule.Terminated := True; //UniServerInstance.TerminateStandAlone(); UniApplication.Terminate('Restart Server'); // to put the app in a closed state in the browser //Application.Terminate; //WinExec (FullProgPath, SW_SHOW); //ExitProcess(0); //repeat PostThreadMessage(Application.Handle {MainThreadID},wm_quit,0,0); // will tell the main application to terminate //until Application.Terminated; Application.ProcessMessages; //PlaySystemSound (3,300,100); //PlaySystemSound (3,800,120); WinExec (FullProgPath, SW_SHOW); end;
  21. Hello, try with this CSS settings: .x-mask-msg, .x-mask-msg-inner { text-align: -webkit-center; white-space: break-spaces; color: #a85432; line-height: 2; width: 200px; height: 200px; font-size: 20px;!important; }
  22. How about to security settings? use it on TUniServerModule.UniGUIServerModuleHTTPCommand https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy AResponseInfo.CustomHeaders.AddValue('Cross-Origin-Opener-Policy', 'same-origin'); https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy AResponseInfo.CustomHeaders.AddValue('Cross-Origin-Embedder-Policy', 'require-corp'); https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy AResponseInfo.CustomHeaders.AddValue('Referrer-Policy', 'strict-origin-when-cross-origin'); //protect from ClickJacking Attack. AResponseInfo.CustomHeaders.AddValue('X-Frame-Options', 'DENY'); //protect from XSS (Javascript) injection - https://geekflare.com/http-header-implementation/#anchor-x-content-type-options AResponseInfo.CustomHeaders.AddValue('X-XSS-Protection', '1; mode=block'); https://geekflare.com/http-header-implementation/ AResponseInfo.CustomHeaders.AddValue('X-Content-Type-Options', 'nosniff'); other search results: https://stackoverflow.com/questions/19043528/simplest-way-to-disable-links-to-external-website First set the following event handler to detect whenever the user clicks a link in the video and is about to be navigated away from the page: "This would prevent the default action on all anchor tags (navigation in this case) and you can add your own custom handler if you want to alert the user that they are about to navigate away from the website (don't return false in that case)." window.onbeforeunload = function() { if (window.isPlayingVideo) { //return false; return "Are you sure you want to stop playing the video and leave the website?"; } } Then, whenever the user clicks the video thumbnail to open the modal player and start playing the video, set the following flag: window.isPlayingVideo = true; https://www.google.com/search?q=disable+external+links+javascript&oq=disable+external+links+javascript&aqs=chrome..69i57j0i22i30j0i390i650.8999j0j7&sourceid=chrome&ie=UTF-8&bshm=rime/1
×
×
  • Create New...