Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load
info on the page from the server without having to re-load the page.
Recently I've received complaints of it not working, and the common thread
is that these users have Norton Internet Security installed (sorry, don't
know the version, but let's assume the latest). I don't have NIS. Can anyone
give me clear instructions as to how a user can change his/her NIS settings
so that a certain site may be trusted or so that users can use sites that
utilize the XMLHTTP object? Even when they shut off NIS, it still won't
allow access until they actually set it for manual start-up and then restart
their computer. TIA
-Monty 6 1737
I dont use NIS so I cant tell you that, but you may want to rethink how you
are doing it rather then making the users change their security settings.
Its usually not considered a good idea to force the users to do anything
that could potentially open up a security hole.
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"WhenAmIOn.com" <wh**@noSPAM.com> wrote in message
news:42*************************@KNOLOGY.NET... Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
You are probably having an issue with the personal firewall software
blocking outgoing network requests (this is what it is supposed to do). It
has a lot of configuration settings. My installation, for example, warns me
each time a new program is attempting to access the network and gives me the
option to allow access or block it.
If you have a link to a public site I'll have a look at what message I get
from NIS. Depending on your audience however, you will probably have to
change your approach as Curt_C mentioned.
--
--Mark Schupp
Head of Development
Integrity eLearning www.ielearning.com
"WhenAmIOn.com" <wh**@noSPAM.com> wrote in message
news:42*************************@KNOLOGY.NET... Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
Thanks Curt, but I have to disagree. XMLHTTP is not a security hole per se,
it is a tool. Like any technology that connects to the internet, it has it's
inherent risks, but that doesn't necessarily make it a "security hole" any
more than Firefox or Telnet (well, ok, maybe a little more than Telnet). If
NIS were to block access to Outlook citing the fact that many viruses come
from email, and I wanted to send an email to a person using NIS, would you
recommend that I "rethink" my method and just call 'em on the phone instead
of sending an email? I don't think so (or, at least I hope not). Hasn't more
malicious damage been done through email viruses than XMLHTTP?
I will grant you that from an ease-of-use perspective it would certainly be
easier for them if I re-wrote my architecture, but that is not feasible at
this time. But hypothetically, if I ~did~ re-write my architecture using
another perfectly valid tool and NIS later decides that that tool is bad
too, what would you recommend then? Do you recommend I re-write a third
time? Where does it stop?
Sorry, hope this doesn't sound testy, I'm just frustrated with this
situation. I look forward to your response...
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:uU**************@TK2MSFTNGP09.phx.gbl... I dont use NIS so I cant tell you that, but you may want to rethink how you are doing it rather then making the users change their security settings. Its usually not considered a good idea to force the users to do anything that could potentially open up a security hole.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"WhenAmIOn.com" <wh**@noSPAM.com> wrote in message news:42*************************@KNOLOGY.NET... Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
I'm not saying that XMLHTTP is a security hole, I'm saying that opening the
NIS to allow it may cause a security hole.
As for your other point, well you wont like my answer but its really a
matter of trying to use the wrong technology. You are trying to "make" a
browser do something it wasnt inteded for. WWW is a request/response system,
and as such you are trying to override this and make it a "polling" system.
That said, its really not an ASP issue.... so as this is an ASP group you
may be getting a limited set of options. You may get more, or better,
responses in a clientside group.......
And I feel your frustration.... trust me.... been there, done that.....
hated it.
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Monty" <Mo***@noSPAM.com> wrote in message
news:42***************************@KNOLOGY.NET... Thanks Curt, but I have to disagree. XMLHTTP is not a security hole per se, it is a tool. Like any technology that connects to the internet, it has it's inherent risks, but that doesn't necessarily make it a "security hole" any more than Firefox or Telnet (well, ok, maybe a little more than Telnet). If NIS were to block access to Outlook citing the fact that many viruses come from email, and I wanted to send an email to a person using NIS, would you recommend that I "rethink" my method and just call 'em on the phone instead of sending an email? I don't think so (or, at least I hope not). Hasn't more malicious damage been done through email viruses than XMLHTTP?
I will grant you that from an ease-of-use perspective it would certainly be easier for them if I re-wrote my architecture, but that is not feasible at this time. But hypothetically, if I ~did~ re-write my architecture using another perfectly valid tool and NIS later decides that that tool is bad too, what would you recommend then? Do you recommend I re-write a third time? Where does it stop?
Sorry, hope this doesn't sound testy, I'm just frustrated with this situation. I look forward to your response... "Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message news:uU**************@TK2MSFTNGP09.phx.gbl...I dont use NIS so I cant tell you that, but you may want to rethink how you are doing it rather then making the users change their security settings. Its usually not considered a good idea to force the users to do anything that could potentially open up a security hole.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"WhenAmIOn.com" <wh**@noSPAM.com> wrote in message news:42*************************@KNOLOGY.NET... Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
Thanks Curt, I think we'll have to agree to disagree. The browser and the
XMLHTTP object both work perfectly well together for me at what they're
designed to do, it's only when NIS gets involved that we reaffirm the truism
"three's a crowd".
This app is written in ASP.net, so that's why I chose this one. Sorry for
this stupid question, but could you recommend by name a better newsgroup for
this? The only client-side specific one I could find was in Danish, and I'm
a little rusty.
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:uS****************@TK2MSFTNGP15.phx.gbl... I'm not saying that XMLHTTP is a security hole, I'm saying that opening the NIS to allow it may cause a security hole. As for your other point, well you wont like my answer but its really a matter of trying to use the wrong technology. You are trying to "make" a browser do something it wasnt inteded for. WWW is a request/response system, and as such you are trying to override this and make it a "polling" system. That said, its really not an ASP issue.... so as this is an ASP group you may be getting a limited set of options. You may get more, or better, responses in a clientside group.......
And I feel your frustration.... trust me.... been there, done that..... hated it.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"Monty" <Mo***@noSPAM.com> wrote in message news:42***************************@KNOLOGY.NET... Thanks Curt, but I have to disagree. XMLHTTP is not a security hole per se, it is a tool. Like any technology that connects to the internet, it has it's inherent risks, but that doesn't necessarily make it a "security hole" any more than Firefox or Telnet (well, ok, maybe a little more than Telnet). If NIS were to block access to Outlook citing the fact that many viruses come from email, and I wanted to send an email to a person using NIS, would you recommend that I "rethink" my method and just call 'em on the phone instead of sending an email? I don't think so (or, at least I hope not). Hasn't more malicious damage been done through email viruses than XMLHTTP?
I will grant you that from an ease-of-use perspective it would certainly be easier for them if I re-wrote my architecture, but that is not feasible at this time. But hypothetically, if I ~did~ re-write my architecture using another perfectly valid tool and NIS later decides that that tool is bad too, what would you recommend then? Do you recommend I re-write a third time? Where does it stop?
Sorry, hope this doesn't sound testy, I'm just frustrated with this situation. I look forward to your response... "Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message news:uU**************@TK2MSFTNGP09.phx.gbl...I dont use NIS so I cant tell you that, but you may want to rethink how you are doing it rather then making the users change their security settings. Its usually not considered a good idea to force the users to do anything that could potentially open up a security hole.
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"WhenAmIOn.com" <wh**@noSPAM.com> wrote in message news:42*************************@KNOLOGY.NET... Hi all,
I developed a web site that uses javascript and XMLHTTP to dynamically load info on the page from the server without having to re-load the page. Recently I've received complaints of it not working, and the common thread is that these users have Norton Internet Security installed (sorry, don't know the version, but let's assume the latest). I don't have NIS. Can anyone give me clear instructions as to how a user can change his/her NIS settings so that a certain site may be trusted or so that users can use sites that utilize the XMLHTTP object? Even when they shut off NIS, it still won't allow access until they actually set it for manual start-up and then restart their computer. TIA
-Monty
Whoops, found some groups. Thanks.
"Monty" <Mo***@noSPAM.com> wrote in message
news:3c**************************@KNOLOGY.NET... Thanks Curt, I think we'll have to agree to disagree. The browser and the XMLHTTP object both work perfectly well together for me at what they're designed to do, it's only when NIS gets involved that we reaffirm the truism "three's a crowd".
This app is written in ASP.net, so that's why I chose this one. Sorry for this stupid question, but could you recommend by name a better newsgroup for this? The only client-side specific one I could find was in Danish, and I'm a little rusty.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Dave |
last post by:
Hello, all! I'm having a small problem displaying an ordinary GIF file on my
web site.
It's just a banner with a transparent background. When I have Norton
Internet Security disabled, it...
|
by: Al Christoph |
last post by:
I'm running VB2003 on a new Dell Laptop where Dell in its infinite wisdom put
on Norton Internet Security. UGH! Maybe I should have paid business rather
than home prices:-)
At any rate with...
|
by: TC |
last post by:
Hello All,
I have recently had the pleasure of installing Norton Internet Security 2005
and finding that I can no longer create or open a web-based application in
Visual Studio .Net. The IDE...
|
by: Sven |
last post by:
I'm certainly not the first to write about this subject, but I came
across it after buying a new PC with NIS on it and it messed up my
site without telling or yelling.
I solved it by this...
|
by: clemke |
last post by:
Hello All
Is it possible for Norton Internet Security 2003 to strip out
references to images from the html before it gets to the browser?
Here is an example:
On the Web Server The HTML File...
|
by: Ammar |
last post by:
Hi!
I am running IIS 5 on windowsXP proffesional with norton internet security
proffesional 2004. I have been trying to make an ASP.NET page that sends a
report as an e mail to the webmaster of...
|
by: Chris Zoper |
last post by:
Hello,
Norton Internet Security blocks some of my ASP.NET pages. The pages are
very 'normal' pages though. There is no 'dangerous' code in it or
something like that. Also, the page is not in a...
|
by: gregory_may |
last post by:
I am developing an application that I would like to distribute on CD.
Norton blows it up very badly. Is there some API I can talk to let Norton
know I am ok?
|
by: Innycool |
last post by:
Save 25% on Norton Internet Security
Automatic security updates
Advanced phishing detection
Two-way firewall blocks hackers
Windows security holes shielded
Public wireless network...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
| |