What headers used in request by google bot?

What headers used in request by google bot? Must be user agent, but what else? I’m interested in cache control headers, does bot try to get fresh page, but not from cache?

The related question: Do browsers send different HTTP headers on page reload so that server side caches can be flushed?

I’m using server cache, what have option to refresh on Ctrl+F5, but don’t want bot to refresh page. Code what detect Ctrl+F5 below:

function cacheHitDisplay($  params)   if ($  _SERVER['HTTP_CACHE_CONTROL'] == 'no-cache') {     // process/refresh page. ctrl-f5 pressed     return 0;   }   getFromCache($  params);   exit 0 } cacheHitDisplay(); // will show cached page and exit script ...here normal page processing, saving page to cache at end... 

Perform CSRF attack when CSRF token is sent in Custom Request header

I have found that the web application uses a weak algorithm to generate CSRF token.The CSRF token is sent in request header

X-CSRF-TOKEN: “token-string”

Since the request header is being used, how to do a CSRF attack to perform a sensitive action in real time?

Custom headers can be sent using JS but it’s blocked due to CORS. I have seen few threads which mention about ActionScript in Flash which can be used to send custom headers. Does that still work? (Considering chrome has stopped using Flash). Is there anyway I can perform the attack?

Creating a “6 finger” guitar – reference request on how to create a UI for a guitar that supports more than 5 degrees of freedom

There have been a lot of developments in guitar to stretch the capabilities of the instrument from amps, pedals, multi-string approaches, fretless microtonal varieties, etc…

Fundamentally it seems there is a limitation the majority of humans face which is that there are usually only 5 fingers on their hand touching the neck of the guitar from which to form chords.

Has there been any research done on how to easily, and smoothly give a higher number of degrees of freedom for picking specific notes other than fingers pushing down on strings?

Some ideas I had:

  1. Engage other muscles, say the toe by standing on a pad which tries to map different toe configurations to certain pre-programmed chords, or individual strings

  2. BCI: theoretically we could forego any human limitations if we can engage the brain directly

My Question Concretely:

What are some documents about this topic/and or does anyone know of a canonical solution that has been created?

What would happen if some random webpage made an Ajax request for http://127.0.0.1/private.txt?

I run a localhost-only webserver (PHP’s built-in one) for all my admin panels and whatnot on my machine. I’m worried that, if any random webpage has a JavaScript snippet which makes an Ajax call to http://127.0.0.1/private.txt , and I visit that webpage, it will make my browser (Firefox) fetch whatever data is returned from that URL and be able to use it, for example to send it back to their own server in another Ajax request.

Let’s assume that http://127.0.0.1/private.txt returns my entire diary since 1958. Or anything equally sensitive. I definitely don’t ever want it to interact with anything other than my Firefox browser, but from what I can reckon, this could be a massive privacy/security issue. I hope I’m wrong about my assumption that this request would be allowed. I hope that it has some kind of “cross-domain policy” blocking it or something. Especially since it’s from 127.0.0.1, which should be some kind of special case.

What would stop it from doing this? What am I missing in my reasoning?

Is there any way to keep the request in intercepting proxy for atleast a min before application says check your connection?

I just bypassed SSL pinning on an android application but the problem is application won’t let me play with the request on my intercepting proxy. It says something like problem with your network or check your internet connection, it might be slow. It used to say the same thing before I didn’t bypassed SSL pinning.

My assumption is that the application is coded in such a way that it expects to get response from the server quickly. Since am playing around with the request on my intercepting proxy there is no response from the server because the request is still on my proxy and not sent to the server.

Is there any way out of it?

Accessibility request: dark/black theme/design

For accessibility reasons, to support users with eye disabilities it would be recommended to add a kinda high contrast mode, dark/black theme/design to apps. In general and to the stack exchange/overflow apps, too. There was a feature request on meta stack from 2016 with only the discussion if it is a duplicate, but nothing about it’s reasoning and consequences. 🤔 Please discuss and consider this request, which is still a valid!

Block ping request and Nmap scan

I am learning nmap scanning from beginning.

I tried to scan my office pc with the following command

nmap -sP -PP 192.168.1.104 --disable-arp-ping 

and it works fine..It shows that 1 host is up

BUT

when I tried to scan for open ports then it shows errors.

I have used all commands like nmap -f, nmap -sI etc but I can’t scan the host.

Actually my target pc is using Symantec antivirus and he is blocking my IP address because when I used to ping then it shows nothing.

How to Approve more than one request using nintex workflow using Custom C#

  • we develope custom webpart to display my tasks using Nintex Workflow

  • my tasks appear in listview using C#

  • we want to add checkbox field in listview to check in tasks that i want to approve the tasks at once by button click .

how to develope it using c# or is there nintex library to facilate that ?

enter image description here

The property or field ‘ItemCount’ has not been initialized. It has not been requested or the request has not been executed

I have the following code inside our server-side event receiver, the code should connect to a sharepoint online list and get the total number of items, here is the code:-

   try    {      currentItem["Status"] = "Pending";      if (currentItem.ContentType.Name.ToLower().Contains("project"))         {             using (ClientContext context = new ClientContext("https://***.sharepoint.com/"))            {              string s = "***";              SecureString passWord = new SecureString();              foreach (var c in s)              passWord.AppendChar(c);              context.Credentials = new SharePointOnlineCredentials("admin@****.onmicrosoft.com", passWord);              List list = context.Web.Lists.GetByTitle("Project");              context.ExecuteQuery();              var countItems = list.ItemCount;            }          }    }    catch (Exception e)    {      var errormessage = e.Message;    } 

but i am getting this exception:-

Microsoft.SharePoint.Client.PropertyOrFieldNotInitializedException was caught   HResult=-2146233079   Message=The property or field 'ItemCount' has not been initialized. It has not been requested or the request has not been executed. It may need to be explicitly requested.   Source=Microsoft.SharePoint.Client.Runtime   StackTrace:        at Microsoft.SharePoint.Client.ClientObject.CheckUninitializedProperty(String propName)        at Microsoft.SharePoint.Client.List.get_ItemCount()        at OrderManagement.EventReceiver1.EventReceiver1.ItemUpdated(SPItemEventProperties properties)   InnerException:  

So can anyone advice how i can fix this issue?