I’m using Microsoft Edge w/ Windows 10 and I’m embedding videos on SharePoint pages from the the Office 365 Video Portal.
For some reason the allow full screen code is being stripped out after the code is saved to the page. Take a peek to see what happens graphically and the 2 different versions of code.
Is This a SharePoint Bug?
Every bug bounty program or text piece about bug bounty methodologies I’ve encountered is for some type of web service. I’m mostly focused on low-level system and embedded software. Are there bug bounty programs for someone with my type of skill set?
The way the service works is that the user can embed content on their site, that is served from my servers. Usage is tracked in “views”, or how many times the
src endpoint inside of the
<iframe> has been called.
I am trying to find out a way to verify that the origin site of the request is indeed the customer’s, and not some other web server. Using an API key as a query parameter leaves the possibility to just copy the
<iframe> element, and use the service for free, at the expense of the real customer.
Some methods that I have considered follow:
- Using the
referrer header of the HTTP request
The first of these methods can be defeated simply by sending a request to the endpoint from an AJAX request with the
origin header set to a customer’s website.
While I know that no solution is fool-proof, I am not quite satisfied with relying on the
origin HTTP header to determine usage.
Are there any alternative methods that do not rely on the customer rotating code, api key or otherwise, to prevent quota theft? Thanks in advance.
What is Embedded Style Sheet?
Our medical device has embedded processors and a USB port used for firmware updates and logfile transfers. The usual USB viruses are not a concern (no mechanism to load or execute them, wouldn’t run in our unique environment). However a secure upgrade method is required by a regulatory agency, in case of malicious attack by someone with a copy of the source code, build environment and schematics.
In learning about security, our current concept is to use signing and encryption for upgrades and to embed the public key. Then we have to keep the private key private for the product lifetime, hopefully on the order of twenty years.
Is there a standard way to do that? Keep it on a secure build server?
So I made a link to a document from one subsite to another subsite in sharepoint. I have used the embed web part and have inserted the link to the document instead of the iframe code. The document is an excel file but only half of the document is shown and there are no side bars to scroll across. how do I adjust the size of the embedded web part or the excel file? Any suggestions would be much appreciated.
Programming in embedded systems usually means working within tight memory, processing, timing and power constraints. (
malloc()? Forget it…)
Schedulers for embedded systems
For all but the simplest applications, it’s often helpful to have a scheduler to handle timed events, and for the embedded systems programmer, FreeRTOS is a popular choice. It’s a preemptive scheduler that handles tasks with multiple priorities and periodically checks to see if there’s a task with a higher priority that’s available for running.
Another approach is a “run to completion” scheduler, in which the scheduler runs a task until it completes before running the next. For the embedded systems engineer it’s not particularly difficult to write non-blocking tasks, though it does take some extra thought.
Advantages of a preemptive scheduler
The primary advantages of a preemptive scheduler are that you don’t have to write non-blocking tasks, and higher-priority tasks will always get serviced soon (where “soon” is determined by the scheduler tick rate).
Advantages of a run-to-completion scheduler
Some advantages of a run-to-completion scheduler is that the implementation can be very compact and efficient and it’s easy to put the system to sleep when there are no tasks to run. And since you don’t have to save and restore each task’s stack state: switching tasks is fast; the code is more portable; and you don’t have to declare the size of each task’s stack a priori.
Which would you choose: why and when?
Given all the above, I’m leaning towards a run-to-completion architecture. But what’s your experience? When would you choose a preemptive scheduler over a run-to-completion scheduler?
I created a Sharepoint online list that tracks cases. Users review and update cases through a power apps form on the site. I also have a power bi visualization that is querying the Sharepoint list to display graphs. Is there a way to put the existing power apps form into the power bi so that users can update the cases from there? I want users to be able to update the power apps form in the power bi and have those updates reflected in the sharepoint online list.
I am making a Google Analytics like service where you embed generated code into your website and it tracks certain data. I have a backend REST api, but I am not sure how to securely implement a call to it in the frontend without all the authentication data being exposed. I am worried that if a user embeds this code into their website with authentication, such as a session ID or a user ID, anybody would be able to just take that data and make a call to the api before the session times out and mess with the user’s data. Is there any way to prevent this risk and safely design the backend api and the call so that it is much more difficult or impossible for people to make calls to a user’s private api?
These days it is not uncommon for data tables to contain more complex UI elements (i.e. not just data), with things like pills (or tags), call-to-action buttons, icons, and even graphs & charts (e.g. sparklines) to be embedded.
However, I haven’t actually seen the specific behaviour for these embedded UI elements specified in the context of an child element in a table cell.
So the question is, what happens to a progress bar (and other UI elements) when the table row cycles through different states (e.g. hover-over, active, selected, etc.) and how does the styling and behaviour change compared to when they are outside of a table?
A specific example of this is to consider what happens to a table cell containing a progress bar (which is actually not an uncommon thing to see) if it is selected. Should it be:
- Unchanged (even though there might be some contrast issues with the table cell’s selected state).
- Modified by making changes to the colour or styling
- A custom rule to the behaviour of the table to accommodate the interaction
If you can include any screenshots of actual examples of applications (rather than CodePen or design concepts) that would be very useful for illustrating the answer.