Does Sentinel allow OAs to be provoked when enemies move towards you?

Ok so I was chatting with one of my party mates and we were debating if Sentinel allowed me to get an opportunity attack if the enemy is approaching me. The reason I ask this is 'cause I wanted to use a lance, seeing as how the lance gives me a range of 10ft. Because nothing in the wording of the feat says specifically that it has to be an enemy leaving, do I still get that opportunity attack?

Allow SharePoint REST API app access to a singular list and nothing else

By default the permissions of a SharePoint app seem limited to read/write/full control over the entire site.

I’m looking for a way to grant a supplier access to a list but do not want them to be able to access the information stored on the site other than the list.

Preferred solution would be to limit the app using user permissions like a regular user.

Why Would A Web Server Allow Loading XML External Entities?

I’ve been reading up on XXE Injection, and so far every example I’ve seen has involved a webserver voluntarily loading xml external entities (as below).

    <?php
    // Explicitly re-enables external entity loading (the setting the question asks about)
    libxml_disable_entity_loader(false);
    $xmlfile = file_get_contents('php://input');
    $dom = new DOMDocument();
    // LIBXML_NOENT substitutes entities; LIBXML_DTDLOAD loads the external DTD
    $dom->loadXML($xmlfile, LIBXML_NOENT | LIBXML_DTDLOAD);
    $creds = simplexml_import_dom($dom);
    $user = $creds->user;
    $pass = $creds->pass;
    echo "You have logged in as user $user";
    ?>

Given the risk of XXE Injection attacks and the possibility for those attacks to a) disclose confidential information and/or b) perform remote code execution (RCE), why would a web server developer/admin decide to enable loading external xml entities in the first place?

So far I haven’t seen any explanation for what the motivation is to enable loading external xml entities. Is it just lazy coding? Ignorance? Convenience?
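
A hardened counterpart to the parser in the question above, as an added example that is not part of the original post: it drops `LIBXML_NOENT` and `LIBXML_DTDLOAD`, adds `LIBXML_NONET`, and refuses any document that carries a DOCTYPE. The helper name `parse_credentials()` and both sample inputs are assumptions constructed for illustration.

```php
<?php
// Added example, not code from the question. parse_credentials() is a hypothetical name.
function parse_credentials(string $xml): array
{
    if ($xml === '') {
        throw new InvalidArgumentException('empty request body');
    }
    $dom = new DOMDocument();
    $prev = libxml_use_internal_errors(true);   // collect parse errors instead of emitting warnings
    // No LIBXML_NOENT and no LIBXML_DTDLOAD; LIBXML_NONET also forbids network fetches.
    $ok = $dom->loadXML($xml, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($prev);
    if (!$ok) {
        throw new InvalidArgumentException('malformed XML');
    }
    // A login request never needs a DTD, so refuse any document that carries one.
    foreach ($dom->childNodes as $node) {
        if ($node->nodeType === XML_DOCUMENT_TYPE_NODE) {
            throw new InvalidArgumentException('DOCTYPE not allowed');
        }
    }
    $creds = simplexml_import_dom($dom);
    return ['user' => (string) $creds->user, 'pass' => (string) $creds->pass];
}

// Constructed sample inputs (not taken from the page).
$plain = '<creds><user>alice</user><pass>example</pass></creds>';
$withDtd = '<?xml version="1.0"?>'
    . '<!DOCTYPE creds [<!ENTITY e SYSTEM "file:///constructed/placeholder.txt">]>'
    . '<creds><user>&e;</user><pass>example</pass></creds>';

foreach (['plain' => $plain, 'with DOCTYPE' => $withDtd] as $label => $xml) {
    try {
        $c = parse_credentials($xml);
        echo $label, ': accepted, user=', htmlspecialchars($c['user']), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo $label, ': rejected (', $e->getMessage(), ')', PHP_EOL;
    }
}
```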

What are the correct network settings for VirtualBox VMs to allow DNS spoofing attack [on hold]

I need to implement a DNS spoofing attack using VMs. My host network is connected to a wireless network.

I created one Kali Linux machine (the attacker machine) and another Win10 machine (the victim machine).

I need the victim machine to be able to connect to the Internet as well as be reachable to the attacker.

Can anyone please help me with the right network configuration to enable this attack?

The attacker needs the Default Gateway and the victim’s IP. How to get the DG address?

If I set up the VMs' network settings as NAT, ettercap cannot see them when I sniff the network.

If I set up my VMs with host-only network settings, they see each other but they are in a different subnet than the actual gateway and hence cannot connect to the Internet.

Can you please provide the correct network settings to implement DNS spoofing in a VM environment with a host device connected to a wireless network?

Magento 2 frontend route only allow POST method

I created a frontend route like this:

    <?xml version="1.0"?>
    <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:App/etc/routes.xsd">
        <router id="standard">
            <route id="spin" frontName="spin">
                <module name="Neverending_Story" />
            </route>
        </router>
    </config>

How can I allow only POST requests to access this route?

Does the Otyugh’s Tentacle attack allow a saving throw to avoid being grappled if the attack hits? [duplicate]

Per the Monster Manual’s statblock for the Otyugh (pg 248), a successful tentacle attack results in the following:

If the target is Medium or smaller, it is grappled (escape DC13) and restrained until the grapple ends.

Does the target get a chance to do a save of some kind to avoid being grappled in the first place? I am aware that the target can use an action to escape after being grappled, but is there any way a Medium or smaller creature can avoid being grappled on a successful hit with a tentacle attack?

Do the rebuilding/retraining rules from PHB II allow “bootstrap” qualification, creating legal characters that could not be made without these rules?

The rebuilding/retraining rules (PHB II, p. 192) allow a player character to retroactively change character choices, including feats and class levels. The rules include some restrictions that look like they’re trying to discourage you from trading away your prerequisites after using them to qualify for something. For instance, from the section on class levels (p. 197):

If reallocating your character’s class levels disqualifies him from a prestige class in which he already has one or more levels, he loses the benefit of any class features or other special abilities granted by that class.

Other options (feats, substitution levels, class feature choices, etc.) include similar restrictions – you must demonstrate not only that you qualify for the thing you’re retraining into, but also that you still qualify for the other parts of your build (or else you lose access to their abilities, as above).

However, some character options can supply their own prerequisites. For instance, the Nar Demonbinder prestige class (Unapproachable East, p. 25) requires the ability to cast 4th level spells, but also provides the ability to cast 4th level spells.

Would the following sequence of steps be legal?

  • Qualify for Nar Demonbinder by obtaining some way of casting 4th level spells (say, 7 levels of Wizard)
  • Take your first level of Nar Demonbinder (thus being able to cast 4th level spells as a Wizard, but also different 4th level spells as a Nar Demonbinder)
  • Rebuild away your Wizard levels into something else, losing the 4th level spellcasting that you originally used to qualify for Nar Demonbinder
  • Keep your Nar Demonbinder abilities, because you still meet its prerequisites (by casting 4th level Nar Demonbinder spells)