Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load
info on the page from the server without having to re-load the page.
Recently I've received complaints of it not working, and the common thread
is that these users have Norton Internet Security installed (sorry, don't
know the version, but let's assume the latest). I don't have NIS. Can anyone
give me clear instructions as to how a user can change his/her NIS settings
so that a certain site may be trusted or so that users can use sites that
utilize the XMLHTTP object? Even when they shut off NIS, it still won't
allow access until they actually set it for manual start-up and then restart
their computer. TIA
-Monty 6 1748
I dont use NIS so I cant tell you that, but you may want to rethink how you
are doing it rather then making the users change their security settings.
Its usually not considered a good idea to force the users to do anything
that could potentially open up a security hole.
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"WhenAmIOn. com" <wh**@noSPAM.co m> wrote in message
news:42******** *************** **@KNOLOGY.NET. .. Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
You are probably having an issue with the personal firewall software
blocking outgoing network requests (this is what it is supposed to do). It
has a lot of configuration settings. My installation, for example, warns me
each time a new program is attempting to access the network and gives me the
option to allow access or block it.
If you have a link to a public site I'll have a look at what message I get
from NIS. Depending on your audience however, you will probably have to
change your approach as Curt_C mentioned.
--
--Mark Schupp
Head of Development
Integrity eLearning www.ielearning.com
"WhenAmIOn. com" <wh**@noSPAM.co m> wrote in message
news:42******** *************** **@KNOLOGY.NET. .. Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
Thanks Curt, but I have to disagree. XMLHTTP is not a security hole per se,
it is a tool. Like any technology that connects to the internet, it has it's
inherent risks, but that doesn't necessarily make it a "security hole" any
more than Firefox or Telnet (well, ok, maybe a little more than Telnet). If
NIS were to block access to Outlook citing the fact that many viruses come
from email, and I wanted to send an email to a person using NIS, would you
recommend that I "rethink" my method and just call 'em on the phone instead
of sending an email? I don't think so (or, at least I hope not). Hasn't more
malicious damage been done through email viruses than XMLHTTP?
I will grant you that from an ease-of-use perspective it would certainly be
easier for them if I re-wrote my architecture, but that is not feasible at
this time. But hypothetically, if I ~did~ re-write my architecture using
another perfectly valid tool and NIS later decides that that tool is bad
too, what would you recommend then? Do you recommend I re-write a third
time? Where does it stop?
Sorry, hope this doesn't sound testy, I'm just frustrated with this
situation. I look forward to your response...
"Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message
news:uU******** ******@TK2MSFTN GP09.phx.gbl... I dont use NIS so I cant tell you that, but you may want to rethink how you are doing it rather then making the users change their security settings. Its usually not considered a good idea to force the users to do anything that could potentially open up a security hole.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"WhenAmIOn. com" <wh**@noSPAM.co m> wrote in message news:42******** *************** **@KNOLOGY.NET. .. Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
I'm not saying that XMLHTTP is a security hole, I'm saying that opening the
NIS to allow it may cause a security hole.
As for your other point, well you wont like my answer but its really a
matter of trying to use the wrong technology. You are trying to "make" a
browser do something it wasnt inteded for. WWW is a request/response system,
and as such you are trying to override this and make it a "polling" system.
That said, its really not an ASP issue.... so as this is an ASP group you
may be getting a limited set of options. You may get more, or better,
responses in a clientside group.......
And I feel your frustration.... trust me.... been there, done that.....
hated it.
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Monty" <Mo***@noSPAM.c om> wrote in message
news:42******** *************** ****@KNOLOGY.NE T... Thanks Curt, but I have to disagree. XMLHTTP is not a security hole per se, it is a tool. Like any technology that connects to the internet, it has it's inherent risks, but that doesn't necessarily make it a "security hole" any more than Firefox or Telnet (well, ok, maybe a little more than Telnet). If NIS were to block access to Outlook citing the fact that many viruses come from email, and I wanted to send an email to a person using NIS, would you recommend that I "rethink" my method and just call 'em on the phone instead of sending an email? I don't think so (or, at least I hope not). Hasn't more malicious damage been done through email viruses than XMLHTTP?
I will grant you that from an ease-of-use perspective it would certainly be easier for them if I re-wrote my architecture, but that is not feasible at this time. But hypothetically, if I ~did~ re-write my architecture using another perfectly valid tool and NIS later decides that that tool is bad too, what would you recommend then? Do you recommend I re-write a third time? Where does it stop?
Sorry, hope this doesn't sound testy, I'm just frustrated with this situation. I look forward to your response... "Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message news:uU******** ******@TK2MSFTN GP09.phx.gbl...I dont use NIS so I cant tell you that, but you may want to rethink how you are doing it rather then making the users change their security settings. Its usually not considered a good idea to force the users to do anything that could potentially open up a security hole.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"WhenAmIOn. com" <wh**@noSPAM.co m> wrote in message news:42******** *************** **@KNOLOGY.NET. .. Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
Thanks Curt, I think we'll have to agree to disagree. The browser and the
XMLHTTP object both work perfectly well together for me at what they're
designed to do, it's only when NIS gets involved that we reaffirm the truism
"three's a crowd".
This app is written in ASP.net, so that's why I chose this one. Sorry for
this stupid question, but could you recommend by name a better newsgroup for
this? The only client-side specific one I could find was in Danish, and I'm
a little rusty.
"Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message
news:uS******** ********@TK2MSF TNGP15.phx.gbl. .. I'm not saying that XMLHTTP is a security hole, I'm saying that opening the NIS to allow it may cause a security hole. As for your other point, well you wont like my answer but its really a matter of trying to use the wrong technology. You are trying to "make" a browser do something it wasnt inteded for. WWW is a request/response system, and as such you are trying to override this and make it a "polling" system. That said, its really not an ASP issue.... so as this is an ASP group you may be getting a limited set of options. You may get more, or better, responses in a clientside group.......
And I feel your frustration.... trust me.... been there, done that..... hated it.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"Monty" <Mo***@noSPAM.c om> wrote in message news:42******** *************** ****@KNOLOGY.NE T... Thanks Curt, but I have to disagree. XMLHTTP is not a security hole per se, it is a tool. Like any technology that connects to the internet, it has it's inherent risks, but that doesn't necessarily make it a "security hole" any more than Firefox or Telnet (well, ok, maybe a little more than Telnet). If NIS were to block access to Outlook citing the fact that many viruses come from email, and I wanted to send an email to a person using NIS, would you recommend that I "rethink" my method and just call 'em on the phone instead of sending an email? I don't think so (or, at least I hope not). Hasn't more malicious damage been done through email viruses than XMLHTTP?
I will grant you that from an ease-of-use perspective it would certainly be easier for them if I re-wrote my architecture, but that is not feasible at this time. But hypothetically, if I ~did~ re-write my architecture using another perfectly valid tool and NIS later decides that that tool is bad too, what would you recommend then? Do you recommend I re-write a third time? Where does it stop?
Sorry, hope this doesn't sound testy, I'm just frustrated with this situation. I look forward to your response... "Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message news:uU******** ******@TK2MSFTN GP09.phx.gbl...I dont use NIS so I cant tell you that, but you may want to rethink how you are doing it rather then making the users change their security settings. Its usually not considered a good idea to force the users to do anything that could potentially open up a security hole.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"WhenAmIOn. com" <wh**@noSPAM.co m> wrote in message news:42******** *************** **@KNOLOGY.NET. .. Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
Whoops, found some groups. Thanks.
"Monty" <Mo***@noSPAM.c om> wrote in message
news:3c******** *************** ***@KNOLOGY.NET ... Thanks Curt, I think we'll have to agree to disagree. The browser and the XMLHTTP object both work perfectly well together for me at what they're designed to do, it's only when NIS gets involved that we reaffirm the truism "three's a crowd".
This app is written in ASP.net, so that's why I chose this one. Sorry for this stupid question, but could you recommend by name a better newsgroup for this? The only client-side specific one I could find was in Danish, and I'm a little rusty.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Dave |
last post by:
Hello, all! I'm having a small problem displaying an ordinary GIF file on my
web site.
It's just a banner with a transparent background. When I have Norton
Internet Security disabled, it displays fine. When I enable Internet
Security, the GIF disappears when I refresh the page - it doesn't even show
an image placeholder. (Test was run with IE and Netscape).
And you know what? I keep hitting refresh with Internet Security disabled,
and...
|
by: Al Christoph |
last post by:
I'm running VB2003 on a new Dell Laptop where Dell in its infinite wisdom put
on Norton Internet Security. UGH! Maybe I should have paid business rather
than home prices:-)
At any rate with Internet Security turned on, when I debug my console
application, VB 2003 hangs and the program never gets to the first line.
When I run the program stand alone - Norton says that the program is
attempting to connect to a DNS server. SAY WHAT?...
|
by: TC |
last post by:
Hello All,
I have recently had the pleasure of installing Norton Internet Security 2005
and finding that I can no longer create or open a web-based application in
Visual Studio .Net. The IDE just freezes. I tried fiddling with the
configuration settings of the Norton Firewall but was not successful. I
tried launching IIS from the Control Panel and it would not launch.
I saw one article in Groups.Google from a previous post that the...
|
by: Sven |
last post by:
I'm certainly not the first to write about this subject, but I came
across it after buying a new PC with NIS on it and it messed up my
site without telling or yelling.
I solved it by this statement in the <head></head>
<script src=http://www.mydomain.com/norton.js></script>
and the script at http://www.mydomain.com/norton.js contains the
follwing code:
function undonorton(){
infected=false;
|
by: clemke |
last post by:
Hello All
Is it possible for Norton Internet Security 2003 to strip out
references to images from the html before it gets to the browser?
Here is an example:
On the Web Server The HTML File Looks Like This:
<a href="01.htm"><img src="th01.jpg" hspace=0 vspace=0 border=0
width=120 height=90></a>
| |
by: Ammar |
last post by:
Hi!
I am running IIS 5 on windowsXP proffesional with norton internet security
proffesional 2004. I have been trying to make an ASP.NET page that sends a
report as an e mail to the webmaster of the site when a user subscribes in
the site. The page runs well, but the e mail is never delivered!
After long hours of search i found that turning norton Internet securty off
solves the whole probelm!
But then of course, i dont want to run my IIS...
|
by: Chris Zoper |
last post by:
Hello,
Norton Internet Security blocks some of my ASP.NET pages. The pages are
very 'normal' pages though. There is no 'dangerous' code in it or
something like that. Also, the page is not in a pop-up. Most of my pages
work just fine, but when I navigate to a specific page, it won't open. I
don't get an exception or a warning, the page just won't finish loading.
When I disable Norton Internet Security, it works fine again.
Also when I...
|
by: gregory_may |
last post by:
I am developing an application that I would like to distribute on CD.
Norton blows it up very badly. Is there some API I can talk to let Norton
know I am ok?
|
by: Innycool |
last post by:
Save 25% on Norton Internet Security
Automatic security updates
Advanced phishing detection
Two-way firewall blocks hackers
Windows security holes shielded
Public wireless network protection
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |