huayan889
-
Posts
99 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by huayan889
-
-
-
6 minutes ago, Sherzod said:
Thank you.
-
hi,How to modify back text in unimnestedlist?
-
11 hours ago, Farshad Mohajeri said:
Confirmed.
Issue is fixed and will be available in the next build.
thank
-
-
-
56 minutes ago, Farshad Mohajeri said:
您是否正在处理应用中的 httpcommand 事件?
此外,还必须将超级服务器和节点应用程序升级到新版本。
hyper server(1.90.0.1541) and node applications is new version(1.90.0.1541) -
53 minutes ago, Farshad Mohajeri said:
Hello
It is enabled by default.
-
On 12/3/2020 at 3:22 AM, Farshad Mohajeri said:
Yes, those commands are not handled internally.
I will add a fix so those commands will return 405 if not handled by user code.
Hello, I see that v1.90.0.1541 has been added:
[ung-3180] - unhandled HTTP commands should return 405
How to set it to work? -
需然用AWS能扫出这漏洞,经验证后发现unigui本身就没实现HEAD、DELETEPUT、TRACE和OPTION这些功能,但默认返回200,安全工具根据返回状态判断命令执行成功。知道原因后解决起来很简单,当执行HEAD、DELETE、PUT、TRACE和OPTION等命令时直接返回405就可以。
However, AWS can be used to scan this vulnerability. After verification, it is found that unigui does not implement the functions of head, delete put, trace and option, but it returns 200 by default. The security tool judges that the command is executed successfully according to the return status. It is very easy to solve the problem after knowing the cause. When executing the commands such as head, delete, put, trace and option, you can directly return 405. -
使用HyperServer后同样会出现“做安全扫描时发现有“启用了不安全的 HTTP 方法”的问题,官方能否可以参考这个方法修复一下?
After using hyperserver, there will also be the problem that "unsafe HTTP method is enabled" during security scanning. Can the official refer to this method to fix it?procedure TUniServerModule.UniGUIServerModuleHTTPCommand(
ARequestInfo: TIdHTTPRequestInfo; AResponseInfo: TIdHTTPResponseInfo;
var Handled: Boolean);
begin
if (ARequestInfo.CommandType =hcHEAD) or
(ARequestInfo.CommandType =hcPUT) or
(ARequestInfo.CommandType =hcTRACE) or
(ARequestInfo.CommandType =hcOPTION) or
(ARequestInfo.CommandType =hcDELETE) then
begin
Handled := false;
AResponseInfo.ResponseNo:=405;
AResponseInfo.CloseConnection:=true;
end;
end; -
使用HyperServer后同样会出现“做安全扫描时发现有“启用了不安全的 HTTP 方法”的问题,官方能否可以参考这个方法修复一下?
procedure TUniServerModule.UniGUIServerModuleHTTPCommand( ARequestInfo: TIdHTTPRequestInfo; AResponseInfo: TIdHTTPResponseInfo; var Handled: Boolean); begin if (ARequestInfo.CommandType =hcHEAD) or (ARequestInfo.CommandType =hcPUT) or (ARequestInfo.CommandType =hcTRACE) or (ARequestInfo.CommandType =hcOPTION) or (ARequestInfo.CommandType =hcDELETE) then begin Handled := false; AResponseInfo.ResponseNo:=405; AResponseInfo.CloseConnection:=true; end; end;
-
终于找到解决方法了,需然用AWS能扫出这漏洞,经验证后发现unigui本身就没实现HEAD、DELETEPUT、TRACE和OPTION这些功能,但默认返回200,安全工具根据返回状态判断命令执行成功。 知道原因后解决起来很简单,当执行HEAD、DELETE、PUT、TRACE和OPTION等命令时直接返回405就可以。 procedure TUniServerModule.UniGUIServerModuleHTTPCommand( ARequestInfo: TIdHTTPRequestInfo; AResponseInfo: TIdHTTPResponseInfo; var Handled: Boolean); begin if (ARequestInfo.CommandType =hcHEAD) or (ARequestInfo.CommandType =hcPUT) or (ARequestInfo.CommandType =hcTRACE) or (ARequestInfo.CommandType =hcOPTION) or (ARequestInfo.CommandType =hcDELETE) then begin Handled := false; AResponseInfo.ResponseNo:=405; AResponseInfo.CloseConnection:=true; AResponseInfo.CharSet := 'UTF-8'; AResponseInfo.ContentType := 'Text'; AResponseInfo.ContentText := '本软件不支持HEAD,DELETE,PUT,TRACE,OPTION等命令!'; end; end;
-
I also found out the problem of tunipdf frame yesterday. My A4 horizontal PDF Print became 3 pages.
-
使用1.90.0.1535编译的应用做安全扫描时发现有“启用了不安全的 HTTP 方法”,这个漏洞的影响是:可能会在 Web 服务器上上载、修改或删除 Web 页面、脚本和。如果使用 Tomcat修复很简单,直接修改 的 web.xml 就可以,但unigui不清楚怎样修复?
<security-constraint>
<web-resource-collection>
<web-resource-name>fortune</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint></auth-constraint>
</security-constraint>
-
-
-
-
thanks
-
-
procedure TMainmForm.UnimFormCreate(Sender: TObject);
begin
UnimVideo1.Urls.Clear;
UnimVideo1.Url :='files/0622v2.mp4';
UnimVideo1.Play;
end;
procedure TMainmForm.UnimVideo1Ended(Sender: TObject);
begin
UnimVideo1.Url := 'files/small.mp4';
UnimVideo1.Play;
end;
//This is modified, but the play is still the last one,Player list cannot be changed
-
Cannot change!
-
The example in demo can only play URLs first! Please help me。thank you!
How to turn to page x# with UniPDFFrame
in General
Posted
how use code to print pdf ?