Potentially harmful HTML
I am writing a Web application that is going to be used to handle email requests.
I have written an application that I have running on a server that retrieves the emails and puts all of the information into my database including the body of the email.
I can load the email body text into a textbox and it displays correctly without hyperlinks etc. but when I submit any actions on the page I am getting an error telling me I may have opened myself up to harmful stuff. if I load it into a label,
it eliminates this, but also eliminates the line breaks and paragraphs of the email. kindof hard to read.
I figure it is pretty likely that I will at the very least get some spam that has some malicious html in it.
So what is the best way to protect myself? is there a way to parse through the text to remove anything harmful while leaving the basic formatting in place?
here is the data coming from the database for one of the emails:
Test email.
First Last
Company
(000)000-00000 Office
(000)000-000 Mobile
[email protected]
www.email.com<http://www.email.com>
<http: www.caglewood.org=""></http:>
toStaticHTML method is god but still IE only. The following code works on other browsers too. Method does pretty much the same thing, and is pretty fast too.
This is a simple HTML String Sanitizing tool.
It allows a highly rich,- but safe - html content input to be published on your pages.
The script code is very light and to some degree customizable.
This function takes care of blacklisted tags, which are the first to be discarded without further processing.
Otherwise, it checks link protocols for code injection, and strips it off if JavaScript is encountered.
Further on, it removes all event driven code assignments from event attributes on all tags.
And lastly, it restores images after stripping their event attributes. This security step is taken directly on the string source, because images are able to trigger the onerror event on
a faulty source as soon as they are converted to DOM Elements, - making it possible for the attacker to execute his malicious code even before appending it to the document. This is the only part of the measure that operates on a string level. But it's absolutely,
- a necessary one!
All questions, suggestions or remarks, are welcome...
p.s.: I decided to also restrict the use of inline style, -since earlier versions of IE do support JavaScript returned values on this property.
function sterilize(HTMLString){ /* b.b. Troy III p.a.e. */
HTMLString=HTMLString.replace( /<img /gi, "<imga ");
var att, x=0, y, coll,c=[],
probe = document.createElement("div");
probe.innerHTML = HTMLString;
coll = probe.getElementsByTagName("*");
while(coll[x])coll[x]?c.push(coll[x++]):0;
for( x in c )
if( /(script|object|embed|iframe)/i.
/*you can blacklist more tags here!*/
test( c[x].tagName ) ){
c[x].outerHTML="";
} else {
if( c[x].href)/java/.test(coll[x].protocol )?c[x].href="#":0;
att = c[x].attributes;
for( y in att ) if(att[y])
if( /(^on|style)/i.test(att[y].name) )
c[x].removeAttribute( att[y].name );
c=probe.innerHTML.replace( /imga/gi, "img" );
return c.replace( /<\/img>/gi, "" );
I'm using blacklist instead of whitelist here, why?
I think there was a reason behind this decision...
Its about freedom
And freedom is about more choices, more opportunities, more solutions and so forth.
To my humble opinion -there are always more good people, than bad.
Henceforth, contrary to the widespread policy/opinion that treats them all as equally evil, yet privilege the most unworthy ones - in reality and in practice, it is always just, and easier
than anything else - to restrain the evil ones only, and let others enjoy.
The freedom where you are free to do nothing, is no freedom at all.
-It's a quarantine!
My natural borne idea was/is to make freedom enjoyable. (For, what good is freedom that you cant enjoy?!)
Anyway,
as mentioned earlier, - "to some degree" - the code is also customizable;
and so is its policy
-which can easily be inverted:
// just add the "!" [NOT] mark here and fill in your whitelist:
for( x in c )
if( ! /(/*your white-list here*/)/i.
//and continue;
than comment out the "else" part completely:
// } else {
and you got yourself a privileged list of tags allowed, instead.
p.s.
You might notice that - depending on "how you look at freedom", - the privileged list will
tend to extend far beyond the length of its opposite.
Best Regards.
Similar Messages
-
Cleaning up potentially harmful files
Is there a way to clean potentially harmful files and if so how can I find them and delete them? Im having several issue with pop ups which were not pprevelent before. AnNy suggestions??
What kind of harmful files are you talking about here? If you're referring to viruses, see my [Mac Virus guide|http://www.reedcorner.net/thomas/guides/macvirus>. You'll note that there are no Mac viruses, only a few trojans, which you must download, run and provide an admin password to.
I'm not sure what kind of popup issues you're having, as you didn't specify, but sometimes popups can get past popup blockers. I have Safari's popup blockers on, but I now and then find "pop-unders" lurking behind the browser window anyway. This is not malware.
Of course, you could be having DNS redirects, but from your description I have no way of knowing whether this is likely. There's information on redirects in the "Do I have a virus?" section of the guide. -
I want to see the Microsoft Access information video. The pop up says I need a
plug in "applications/x-ms-wmp". Where do I find it and how is there any potential harm
in downloading it? ThanksInstall Flip4mac.
http://www.telestream.net/flip4mac-wmv/overview.htm -
I am not sure how to tell if this program is from firefox or something else, but McAfee is saying it is potentially harmful
There has been a Firefox 25.0.1 security update released, see Help > About, so make sure to update.
*http://www.mozilla.org/en-US/firefox/25.0.1/releasenotes/ -
If you change the screen will you change the pressure and cause potential harm inside?
I have an iPod with a damaged screen as I dropped it. It still works perfectly well. If I have the screen changed am I putting it at risk of further damage?
As long as you do a good job and make sure you DO NOT damage anything inside the ipod then you are good. The pressure won't do anything, just make sure you know what you are doing. I reccommend someone who knows what they are doing and has experience in replacing screens to do it for you.
Youtube works wonders. -
I've been following (roughly) the simple virus scanner interface that SUN provides, and adapted it into a slightly heavier weight filter that interfaces with libclamav. At first both were compiled using GCC, and I thought due to some of the weird problems I had when debugging flags were inserted, maybe Sun Studio would give better results. It hasn't, and I'm at a bit of a loss as to what to do next.
The symptom is that parts of the message just dissapear, and I see the old mime boundaries within the message body, so it seems like there's some pointer indicating where the message starts that's being corrupted by something in my code.
Interestingly, if I stop processing the message while still inside the headers, there is no problem, but that's not a very effective virus scanner if it can only look at the content type and filename of the part now is it?
This happens regardless of whether I use GCC or CC, and I'm using 0.88.1 of clamav. The output message is shown last. It should be fairly obvious what's wrong with it.
Here's my code, perhaps someone can tell me what I'm doing wrong.
** WARNING ** This IS NOT polished code, so please don't expect it to be perfect. It's clean, but includes absolute pathnames, and some other nauties that should be removed before anyone even thinks of reusing this. Once it actually works, I'll do the nessisary code cleanup, and release this to the community to do whatever anyone wants with.
Makefile
SERVER_ROOT=/opt/SUNWmsgsr
INSTALL_LOCATION=/var/opt/SUNWmsgsr/site-programs/
INCLUDE=-I${SERVER_ROOT}/include
LIBPATH=-L${SERVER_ROOT}/lib
CLAMLIBS=`/usr/local/bin/clamav-config --libs` -lclamav
CLAMFLAGS=`/usr/local/bin/clamav-config --cflags`
LIBS=-lmtasdk ${CLAMLIBS}
FLAGS=${CLAMFLAGS}
all:
cc ${FLAGS} -o msgsr_clamav msgsr_clamav.c \
${INCLUDE} ${LIBPATH} ${LIBS}
install:
cp msgsr_clamav ${INSTALL_LOCATION}
cp msgsr_clamav.cnf ${INSTALL_LOCATION}************************************************
Expansions
CLAMLIBS=-L/usr/local/lib -lz -lbz2 -lpthread -lclamav
CLAMFLAGS=-I/usr/local/include -xO4************************************************
msgsr_clamav.c
* msgsr_clamav
* Interface the Sun Java System Message Server with LibClamAV
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <pthread.h>
#include "clamav.h" // LibClamAV Header
#include "mtasdk.h"
* A structure to store channel options
typedef struct {
/* Produce debug output? */
int debug;
// Maximum size (in bytes) attachment to scan
int scan_maxsize;
// Scan recursion level
int scan_recursion_level;
// Max files
int scan_maxfiles;
// Path to ClamAV Virus Database
char db_dir[BIGALFA_SIZE+3];
// Used Internally by ClamAV. Stored here for ease of access
struct cl_node *root;
unsigned int signo;
struct cl_stat dbstat;
pthread_mutex_t reload_mutex;
// MIME types to ignore
char ignore_mime_types[BIGALFA_SIZE+3];
// Types of files to ignore
char ignore_file_types[BIGALFA_SIZE+3];
/* Unwanted MIME content types (ALWAYS stripped, never scanned) */
char bad_mime_types[BIGALFA_SIZE+3];
/* Unwanted file types (ALWAYS stripped, never scanned)*/
char bad_file_types[BIGALFA_SIZE+3];
/* Length of bmt string */
size_t bmt_len;
/* Length of bft string */
size_t bft_len;
} our_options_t;
// A structure passed per message to contain message specific data, including open files, etc.
typedef struct {
// The filename of the temp file in use so it can be unlinked when we're done with it.
char temp_file_name[BIGALFA_SIZE * 2 + 10];
// The file * to the temp file in use, so we don't have to reopen it across calls to decode_inspect
FILE *temp_file;
// A pointer to the single instance of our_options_t that is shared across all threads
our_options_t * options;
} msg_temp_data_t;
* Forward declarations
static void error_exit(int ires, const char *msg);
static void error_report(our_options_t *options, int ires, const char *func);
static void error_reports(our_options_t *options, const char* errStr, const char *func);
static int is_bad_mime_type(our_options_t *options, mta_decode_t *dctx, char *buf, size_t maxbuflen);
static int is_bad_file_type(our_options_t *options, mta_opt_t *params, const char *param_name, char *buf, size_t maxbuflen);
static int load_options(our_options_t *options);
static mta_dq_process_message_t process_message;
static mta_decode_read_t decode_read;
static mta_decode_inspect_t decode_inspect;
* main() -- Initialize the MTA SDK, load our options, and then
* start the message processing loop.
int main()
int ires,ret;
char error_msg[BIGALFA_SIZE+3];
our_options_t options;
* Initialize the MTA SDK
* See explanatory comment 1
if ((ires = mtaInit(0)))
error_exit(ires, "Unable to initialize the MTA SDK");
* Load our channel options
* See explanatory comment 2
if ((ires = load_options(&options)))
error_exit(ires, "Unable to load our channel options");
* Initialize the ClamAV Virus Engine and Database
// Preconditions to initializing the ClamAV database
options.root=NULL; options.signo=0;
// Load the virus database
mtaLog("cl_loaddbdir() loading database from %s",options.db_dir);
if ((ret = cl_loaddbdir(options.db_dir, &options.root, &options.signo)))
sprintf(error_msg,"cl_loaddbdir() error: %s", cl_strerror(ret));
error_exit(MTA_NO,error_msg);
mtaLog("cl_loaddbdir() loaded %d virus definitions",options.signo);
// Internalize the virus database structure
mtaLog("cl_build() initializing database");
if((ret = cl_build(options.root)))
sprintf(error_msg,"cl_build() error: %s", cl_strerror(ret));
error_exit(MTA_NO,error_msg);
// Keep track of database updates
memset(&options.dbstat, 0, sizeof(struct cl_stat));
cl_statinidir(options.db_dir, &options.dbstat);
// Initialize our reload mutex
if (ret = pthread_mutex_init(&options.reload_mutex,NULL))
sprintf(error_msg,"pthread_mutex_init() error: %d", ret);
error_exit(MTA_NO,error_msg);
* Now process the queued messages. Be sure to indicate a
* thread stack size sufficient to accomodate message
* enqueue processing.
* See explanatory comment 3
if ((ires = mtaDequeueStart((void *)&options,
process_message, NULL, 0)))
error_exit(ires, "Error during dequeue processing");
* All done
cl_free(options.root);
mtaDone();
return(0);
*Reloads the virus database and re-initializes the in memory structure
* Loads a new virus database, then if all succeeds, it
* swaps the new database with the old one. It's assumed
* clamav releases the database gracefully, but another mutex
* may be required if this is not the case.
static int reload_database(our_options_t *options)
struct cl_node *newroot = NULL,*oldroot;
char error_msg[BIGALFA_SIZE+3];
int ret;
unsigned int signo=0;
if (pthread_mutex_trylock(&options->reload_mutex)) { // Only one reload at a time thank you.
if(cl_statchkdir(&options->dbstat) == 1) { // Make sure we actually need an update
mtaLog("reload_database() Virus database is stale... reloading");
mtaLog("cl_loaddbdir() reloading database from %s",options->db_dir);
// Load the new virus database
if ((ret = cl_loaddbdir(options->db_dir, &newroot, &signo)))
mtaLog("cl_loaddbdir() error: %s", cl_strerror(ret));
return (-1);
mtaLog("cl_loaddbdir() loaded %d virus definitions",options->signo);
// Internalize the virus database structure
mtaLog("cl_build() re-initializing database");
if((ret = cl_build(newroot)))
mtaLog("cl_build() error: %s", cl_strerror(ret));
mtaLog("reload_database() Database reload aborted");
cl_free(newroot);
return (-2);
// Save a pointer to the old root
oldroot = options->root;
// Swap in the new root and signo
options->root = newroot;
options->signo = signo;
// Release the old root
cl_free(oldroot);
mtaLog("database_reload() Successfully loaded new virus database");
// Keep track of database updates
cl_statfree(&options->dbstat);
cl_statinidir(options->db_dir, &options->dbstat);
pthread_mutex_unlock(&options->reload_mutex);
* process_message() -- This routine is called by
* mtaDequeueStart() to process each queued
* message. We don稚 make use of ctx2, but
* ctx1 is a pointer to our channel options.
* See explanatory comment 4
static int process_message(void **ctx2, void *ctx1, mta_dq_t *dq, const char *env_from, size_t env_from_len)
const char *adr;
int disp, ires;
size_t len;
mta_nq_t *nq;
msg_temp_data_t msg_data;
* Initializations
nq = NULL;
msg_data.options = (our_options_t *)ctx1;
msg_data.temp_file = NULL;
* Check the virus database to make sure it isn't stale
* If it it's not currently reloading, and is stale, reload it.
//if(cl_statchkdir(&(msg_data.options->dbstat)) == 1)
// reload_database(msg_data.options);
* A little macro to do error checking on mta*() calls
#define CHECK(f,x) \
if ((ires = x)) { error_report(msg_data.options, ires, f); goto \
done_bad; }
* Start a message enqueue. Use the dequeue context to copy
* envelope flags fromt the current message to this new
* message being enqueued.
* See explanatory comment 5
CHECK("mtaEnqueueStart", mtaEnqueueStart(&nq, env_from, env_from_len, MTA_DQ_CONTEXT, dq, 0));
* Process the envelope recipient list
* See explanatory comment 6
while (!(ires = mtaDequeueRecipientNext(dq, &adr, &len, 0)))
* Add this envelope recipient address to the message
* being enqueued. Use the dequeue context to copy
* envelope flags for this recipient from the current
* message to the new message.
ires = mtaEnqueueTo(nq, adr, len, MTA_DQ_CONTEXT,
dq, MTA_ENV_TO, 0);
/* See explanatory comment 7 */
disp = (ires) ? MTA_DISP_DEFERRED : MTA_DISP_RELAYED;
CHECK("mtaDequeueRecipientDisposition", mtaDequeueRecipientDisposition(dq, adr, len,disp, 0));
* A normal exit from the loop occurs when
* mtaDequeueRecipientNext() returns an MTA_EOF status.
* Any other status signifies an error.
if (ires != MTA_EOF)
error_report(msg_data.options, ires, "mtaDequeueRecipientNext");
goto done_bad;
* Begin the MIME decode of the message
* See explanatory comment 8
CHECK("mtaDecodeMessage",
mtaDecodeMessage(
/* Private context is our message data structure */
(void *)&msg_data,
/* Input is the message being dequeued */
MTA_DECODE_DQ, (void *)dq,
/* Output is the message being enqueued */
MTA_DECODE_NQ, (void *)nq,
/* Inspection routine */
decode_inspect,
/* Convert non-MIME formats to MIME */
MTA_DECODE_THURMAN,
0));
* Finish the enqueue
* NOTE: IT担 IMPORTANT TO DO THIS before DOING THE
* DEQUEUE. YOU WILL LOSE MAIL IF YOU DO THE DEQUEUE FIRST
* and then THE ENQUEUE FAILS.
* See explanatory text 9
CHECK("mtaEnqueueFinish", mtaEnqueueFinish(nq, 0));
nq = NULL;
* Finish the dequeue
CHECK("mtaDequeueFinish", mtaDequeueMessageFinish(dq, 0));
* All done with this message
return(MTA_OK);
done_bad:
* Abort any ongoing enqueue or dequeue
if (nq)
mtaEnqueueFinish(nq, MTA_ABORT, 0);
if (dq)
mtaDequeueMessageFinish(dq, MTA_ABORT, 0);
* And return our error status
return(ires);
#undef CHECK
* decode_inspect() -- This is the routine that inspects each
* message part, deciding whether to accept
* or reject it.
* See explanatory comment 10
static int decode_inspect(void *ctx, mta_decode_t *dctx, int data_type,const char *data, size_t data_len)
char buf[BIGALFA_SIZE * 2 + 10];
const char *virname;
int i;
static unsigned int part_c = 1;
msg_temp_data_t *msg_data = (msg_temp_data_t *)ctx;
strncpy(buf,data,data_len);
buf[data_len] = 0;
mtaLog("decode_inspect() (%d,%ud): %s",data_type,dctx,buf);
switch (data_type)
case MTA_DATA_HEADER:
* See if the part has:
* 1. A bad MIME content-type,
* 2. A bad file name extension in the (deprecated)
* NAME= content-type parameter, or
* 3. A bad file name extension in the
* FILENAME= content-disposition parameter.
i = 0;
if ((i = is_bad_mime_type((void *)msg_data->options, dctx, buf, sizeof(buf))) ||
is_bad_file_type((void *)msg_data->options,mtaDecodeMessageInfoParams(dctx,MTA_DECODE_CTYPE_PARAMS, NULL),"NAME", buf, sizeof(buf)) ||
is_bad_file_type((void *)msg_data->options,mtaDecodeMessageInfoParams(dctx,MTA_DECODE_CDISP_PARAMS, NULL),"FILENAME", buf, sizeof(buf)))
char msg[BIGALFA_SIZE*4 + 10];
* Replace this part with a text message indicating
* that the part痴 content has been deleted.
* See explanatory comment 11
if (i)
i = sprintf(msg,
"The content of this message part has been removed.\n"
"It contained a potentially harmful media type of %.*s",
strlen(buf)-2, buf+1);
else
i = sprintf(msg,
"The content of this message part has been removed.\n"
"It contained a potentially harmful file named '%s'", buf);
mtaLog("decode_inspect(): %s",msg);
return(mtaDecodeMessagePartDelete(dctx,
MTA_REASON, msg, i,
MTA_DECODE_CTYPE, "text", 4,
MTA_DECODE_CSUBTYPE, "plain", 5,
MTA_DECODE_CCHARSET, "us-ascii", 8,
MTA_DECODE_CDISP, "inline", 6,
MTA_DECODE_CLANG, "en", 2, 0));
} break; // case MTA_DATA_HEADER:
case MTA_DATA_TEXT:
case MTA_DATA_BINARY:
if (msg_data->temp_file == NULL)
sprintf(msg_data->temp_file_name,"/tmp/%i.tmp",part_c++);
mtaLog("messageDecode(): Opening Temp File %s",msg_data->temp_file_name);
msg_data->temp_file = fopen(msg_data->temp_file_name,"wb");
fwrite(data,data_len,1,msg_data->temp_file);
return(MTA_OK);
break;
case MTA_DATA_NONE:
fflush(msg_data->temp_file);
fclose(msg_data->temp_file);
msg_data->temp_file = NULL;
struct cl_limits limits;
memset(&limits, 0, sizeof(struct cl_limits));
/* maximal number of files in archive */;
limits.maxfiles = 1000;
/* maximal archived file size */
limits.maxfilesize = 10 * 1048576; /* 10 MB */
/* maximal recursion level */
limits.maxreclevel = 5;
/* maximal compression ratio */
limits.maxratio = 200;
/* disable memory limit for bzip2 scanner */
limits.archivememlim = 0;
i = cl_scanfile(msg_data->temp_file_name, &virname, NULL, msg_data->options->root,&limits,CL_SCAN_STDOPT);
unlink (msg_data->temp_file_name);
if(i == CL_VIRUS) {
char msg[BIGALFA_SIZE*4 + 10];
size_t idlen;
i = sprintf(msg,
"The content of this message part has been removed.\n"
"It contained the virus %s in a file named '%s'", virname,buf);
mtaDequeueInfo(dctx,MTA_ENV_ID,&buf,&idlen);
buf[idlen] = '\0';
mtaLog("decode_inspect(): Detected %s virus in part %i of msg ID %s",virname,0,buf);
return(mtaDecodeMessagePartDelete(dctx,
MTA_REASON, msg, i,
MTA_DECODE_CTYPE, "text", 4,
MTA_DECODE_CSUBTYPE, "plain", 5,
MTA_DECODE_CCHARSET, "us-ascii", 8,
MTA_DECODE_CDISP, "inline", 6,
MTA_DECODE_CLANG, "en", 2, 0));
} else {
if(i != CL_CLEAN)
mtaLog("decode_inspect() Error: %s scanning file %s",cl_strerror(i),msg_data->temp_file_name);
else
mtaLog("decode_inspect(): Part in file %s is clean",msg_data->temp_file_name);
//return(mtaDecodeMessagePartCopy(dctx, 0));
return(MTA_OK); break;
return(MTA_OK);
* is_bad_mime_type() -- See if the part痴 media type is in our
* bad MIME content types, for example:
* application/vbscript
* See explanatory comment 13
static int is_bad_mime_type(our_options_t *options,
mta_decode_t *dctx, char *buf,
size_t maxbuflen)
const char *csubtype, *ctype;
size_t i, len1, len2;
char *ptr;
* Sanity checks
if (!options || !options->bmt_len ||
!options->bad_mime_types[0] ||
!dctx)
return(0);
* Get the MIME content type
ctype = mtaDecodeMessageInfoString(dctx, MTA_DECODE_CTYPE,NULL, &len1);
csubtype = mtaDecodeMessageInfoString(dctx,MTA_DECODE_CSUBTYPE,NULL, &len2);
* Build the string: <0x01>type/subtype<0x01><0x00>
ptr = buf;
*ptr++ = (char)0x01;
for (i = 0; i < len1; i++)
*ptr++ = tolower(*ctype++);
*ptr++ = '/';
for (i = 0; i < len2; i++)
*ptr++ = tolower(*csubtype++);
*ptr++ = (char)0x01;
*ptr = '\0';
* Now see if the literal just built occurs in the list of
* bad MIME content types
return((strstr(options->bad_mime_types, buf)) ? -1 : 0);
* is_bad_file_type() -- See if the part has an associated file
* name whose file extension is in our list
* of bad file names, such as .vbs.
* See explanatory comment 14
static int is_bad_file_type(our_options_t *options,
mta_opt_t *params,
const char *param_name, char *buf,
size_t maxbuflen)
const char *ptr1;
char fext[BIGALFA_SIZE+2], *ptr2;
size_t i, len;
* Sanity checks
if (!options || !options->bft_len || !params || !param_name)
return(0);
len = 0;
buf[0] = '\0';
if (mtaOptionString(params, param_name, 0, buf, &len,
maxbuflen - 1) ||
!len || !buf[0])
* No file name parameter specified
return(0);
* A file name parameter was specified. Parse it to
* extract the file extension portion, if any.
ptr1 = strrchr(buf, '.');
if (!ptr1)
* No file extension specified
return(0);
* Now store the string created earlier in fext[]
* Note that we drop the ・・from the extension.
ptr1++; /* Skip over the ・・*/
ptr2 = fext;
*ptr2++ = (char)0x01;
len = len - (ptr1 - buf);
for (i = 0; i < len; i++)
*ptr2++ = tolower(*ptr1++);
*ptr2++ = (char)0x01;
*ptr2++ = '\0';
* Now return -1 if the string occurs in
* options->bad_file_types.
return((strstr(options->bad_file_types, fext)) ? -1 : 0);
* load_options() -- Load our channel options from the channel痴
* option file
* See explanatory comment 15
static int load_options(our_options_t *options)
char buf[BIGALFA_SIZE+1];
size_t buflen, i;
mta_opt_t *channel_opts;
int ires;
const char *ptr0;
char *ptr1;
* Initialize the our private channel option structure
memset(options, 0, sizeof(our_options_t));
* Set internal defaults for important features
options->scan_maxsize = 10 * 1024 * 1024; // 10 MB
options->scan_recursion_level = 10;
options->scan_maxfiles = 200;
strcpy(options->db_dir,cl_retdbdir()); // Default ClamAV Directory
* Access the channel痴 option file
* See explanatory comment 16
channel_opts = NULL;
if ((ires = mtaOptionStart(&channel_opts, "/var/opt/SUNWmsgsr/site-programs/msgsr_clamav.cnf", 0, 0)))
mtaLog("Unable to access our channel option file");
return(ires);
* DEBUG=0|1
options->debug = 0;
mtaOptionInt(channel_opts, "DEBUG", 0, &options->debug);
if (options->debug)
mtaDebug(MTA_DEBUG_SDK, 0);
* BAD_MIME_TYPES=type1/subtype1[,type2/subtype2[,...]]
buf[0] = '\0';
mtaOptionString(channel_opts, "BAD_MIME_TYPES", 0, buf,
&buflen, sizeof(buf));
* Now translate the comma separated list:
* Type1/Subtype1[,Type2/Subtype2[,...]]
* to
*<0x01>type1/subtype1[<0x01>type2/subtype2[<0x01>...]]<0x01>
ptr0 = buf;
ptr1 = options->bad_mime_types;
*ptr1++ = (char)0x01;
for (i = 0; i < buflen; i++)
if (*ptr0 != ',')
*ptr1++ = tolower(*ptr0++);
else
*ptr1++ = (char)0x01;
ptr0++;
*ptr1++ = (char)0x01;
*ptr1 = '\0';
options->bmt_len = ptr1 - options->bad_mime_types;
* BAD_FILE_TYPES=["."]Ext1[,["."]Ext2[,...]]
buf[0] = '\0';
buflen = 0;
mtaOptionString(channel_opts, "BAD_FILE_TYPES", 0, buf,
&buflen, sizeof(buf));
* Now translate the comma separated list:
* ["."]Ext1[,["."]Ext2[,...]]
* to
* <0x01>ext1[<0x01>ext2[<0x01>...]]<0x01>
ptr0 = buf;
ptr1 = options->bad_file_types;
*ptr1++ = (char)0x01;
for (i = 0; i < buflen; i++)
switch(*ptr0)
default : /* copy after translating to lower case */
*ptr1++ = tolower(*ptr0++);
break;
case '.' : /* discard */
break;
case ',' : /* end current type */
*ptr1++ = (char)0x01;
ptr0++;
break;
*ptr1++ = (char)0x01;
*ptr1 = '\0';
options->bft_len = ptr1 - options->bad_file_types;
* Dispose of the mta_opt_t context
* See explanatory comment 17
mtaOptionFinish(channel_opts);
* And return a success
return(MTA_OK);
* error_report() ・Report an error condition when debugging is
* enabled.
static void error_report(our_options_t *options, int ires,
const char *func)
if (options->debug)
mtaLog("%s() returned %d; %s",
(func ? func : "?"), ires, mtaStrError(ires,0));
static void error_reports(our_options_t *options, const char* errStr,
const char *func)
if (options->debug)
mtaLog("%s() reported: %s",
(func ? func : "?"), errStr);
* error_exit() -- Exit with an error status and error message.
static void error_exit(int ires, const char *msg)
mtaLog("%s%s%s", (msg ? msg : ""), (msg ? "; " : ""),
mtaStrError(ires,0));
exit(1);
msgsr_clamav.cnf
DEBUG=1
BAD_MIME_TYPES=application/vbscript
BAD_FILE_TYPES=bat,pif,vb,vbs,chs,exe************************************************
broken message
Return-path: <[email protected]>
Received: from virusscan-daemon.apple.california.com by apple.california.com
(Sun Java System Messaging Server 6.2-3.04 (built Jul 15 2005))
id <[email protected]> for [email protected]; Thu,
20 Apr 2006 07:30:13 -0700 (PDT)
Received: from california.com ([209.159.129.16])
by apple.california.com (Sun Java System Messaging Server 6.2-3.04 (built Jul
15 2005)) with ESMTP id <[email protected]> for
[email protected]; Thu, 20 Apr 2006 07:30:05 -0700 (PDT)
Received: from [61.23.221.222] by apple.california.com (mshttpd); Thu,
20 Apr 2006 14:30:05 +0000 (GMT)
Content-return: allowed
Date: Thu, 20 Apr 2006 14:30:05 +0000 (GMT)
From: [email protected]
Subject: Re: testing
In-reply-to: <[email protected]>
To: [email protected]
Message-id: <[email protected]>
MIME-version: 1.0
X-Mailer: Sun Java(tm) System Messenger Express 6.2-3.04 (built Jul 15 2005)
Content-type: multipart/alternative;
boundary="Boundary_(ID_iOVR4MBjhWJn/mh7Ij+BUQ)"
Content-language: en
X-Accept-Language: en
Priority: normal
References: <[email protected]>
Original-recipient: rfc822;[email protected]
This is a multi-part message in MIME format.
--Boundary_(ID_iOVR4MBjhWJn/mh7Ij+BUQ)
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7bit
Content-disposition: inline
Data is missing from here
----ec04832708e231d6e2f
--Boundary_(ID_iOVR4MBjhWJn/mh7Ij+BUQ)
Content-type: text/html; charset=us-ascii
Content-transfer-encoding: quoted-printable
Content-disposition: inline
Data is missing from here
nal Message -----=3Cbr=3EFrom=3A chales=40california=2Ecom=3Cbr=3EDate=3A=
Thursday=2C April 20=2C 2006 11=3A19 pm=3Cbr=3ESubject=3A testing=3Cbr=3E=
To=3A chales=40california=2Ecom=3Cbr=3E=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B 1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B 1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B 1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B 1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B 1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B 1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B 1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B=
3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B 5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B=
7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B 9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B=
1=3Cbr=3E=26gt=3B 2=3Cbr=3E=26gt=3B 3=3Cbr=3E=26gt=3B 4=3Cbr=3E=26gt=3B=
5=3Cbr=3E=26gt=3B 6=3Cbr=3E=26gt=3B 7=3Cbr=3E=26gt=3B 8=3Cbr=3E=26gt=3B=
9=3Cbr=3E=26gt=3B 0=3Cbr=3E=26gt=3B =3Cbr=3E=26gt=3B
----ec04832708e231d6e2f
--Boundary_(ID_iOVR4MBjhWJn/mh7Ij+BUQ)
Content-type: text/x-vcard; name=chales.vcf; charset=us-ascii
Content-transfer-encoding: base64
Content-disposition: attachment; filename=chales.vcf
Content-description: Card for <[email protected]>
bA0KdGVsO3dvcms6NTEwLTI4Ny04NDUwDQp1cmw6aHR0cDovL3d3dy5jYWxpZm9ybmlh
LmNvbS8NCm9yZzpDYWxpZm9ybmlhQ29tLCBJbmM7DQp2ZXJzaW9uOjIuMQ0KZW1haWw7
aW50ZXJuZXQ6Y2hhbGVzQGNhbGlmb3JuaWEuY29tDQp0aXRsZTpTeXN0ZW0gQWRtaW5p
c3RyYXRvcg0KZW5kOnZjYXJkDQo=
----ec04832708e231d6e2f--
Boundary_(ID_iOVR4MBjhWJn/mh7Ij+BUQ)Ok, so it's not my code. Using the virus_scanner_simple.c example from SUN, if you change the decode_inspect routine to return MTA_OK for every call (which should technically just let the message pass) it has the same behavior as my program. (Not all that suprising since mine is a derivative of said program)
That said, this now looks like a library issue. I'm using Sun Java System Messaging Server 6.2-3.04 (built Jul 15 2005) according to the SMTP prompt, and was wondering if perhaps I should apply:
http://sunsolve.sun.com/search/document.do?assetkey=1-21-118207-42-1&searchclause=6306404
The issue seems to be in the mtaDecodeMessage function, and occurs when the decode_inspect function is allowed to parse the message body, not just the message headers.
The machine is a Sun Ultra 4500 running Solaris 10. Here's the banner:
SunOS cookie 5.10 Generic_118822-23 sun4u sparc SUNW,Ultra-Enterprise
Has anyone else had similar problems using the MTA SDK? Is there anything I'm missing here (besides the above mentioned patch) that might fix this? -
Sprybar does not appear in live veiw and only one button in browser preveiw.
Help! please, My sprybar looks fine horizontally diplayed across the page on desigjn page, but when I go to live view there is nothing there at all just a blank space where it should be. Also when I go to preview in Firefox or IE only the last button on the right is shown but in the first position on the left. That button does function properly, but now I need the other 5 to show. Any help you can provide will be greatly appreciated.
Thank you
Ted
««« Private Beaches, Municapal Beaches, Horse Arenas, Camp Grounds, Lake Shores, PlayGrounds, Volley Ball Courts, Golf Course Bunkers, ANY SAND SURFACE!
HOME
SERVICES
PHOTOS
CONTACT US
FAQ
ABOUT US
Content on this page requires a newer version of Adobe Flash Player.
BAYSHORE SAND & BEACH CLEANERS:
Focus on satisfaction & Dependability
Let us make your sand areas beautiful again by removing unsightly and potentially harmful debris. Hand raking cannot thoroughly clean sand surfaces nearly as well as Bayshore Sand & Beach Cleaners sand cleaning machines. Our equipment reaches down several inches beneath the surface to unearth and remove many concealed hazards. Our sand cleaning service will not only leave your sand area looking great, but you can be assured in knowing that you are providing a safer, clean area for walking, sunbathing and playing. We also provide sand plowing and grading to address drifting sand and uneven urfaces. Our machines can remove debris from Horse Arena riding surfaces, Golf Course bunkers and other areas. BSBC services Ocean County, Monmouth County, Atlantic County, Cape May County and surrounding areas throughout the state.
We will rejuvenate your beach--Guaranteed. Sandy In Action . . . . . . . . . CLICK HERE! to see additional video clips on our YouTube Site including; Beaches, Horse Arenas, Sand Plowing & More!
BAYSHORE SAND & BEACH CLEANERS: Clean any sand surface:
Private, Residential & Municipal Beaches of any size, Golf Bunkers, Volley Ball Courts, Horse Arenas, Playgrounds, Lakeshore.
Offer sand plowing services:
Elimanating sand drifts and/or uneven sand surface.
Provides full beach clean-ups:
Debris & seaweed removal, anything necessary to get your beach looking beautiful again.
Offers construction services:
Create & install removeable wooden walkways, construction services and repair.
Environmental or Natural Disaster Clean-up:
BSBC cares about the environment & our beaches, we take great pride in our work offering tar ball clean-up and/or debris clean-up after an accident or natural event.
Visit us on today!
Office:732.929.0847 •email: [email protected]• Cell:908-794-9184
©2011 Bayshore Sand & Beach Cleaners, LLC<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Bayshore Sand and Beach Cleaners</title>
<meta name="keywords" content="sand cleaning, beach cleaning, beach clean up, beach cleaners, sand, volley ball court cleaning, golf bunker cleaning, BSBC, BayshoreSBC, Bayshore Sand and Beach Cleaners">
<link href="styles/bayshore sbc.css" rel="stylesheet" type="text/css">
<style type="text/css">
body,td,th {
font-family: Tahoma, Geneva, sans-serif;
font-size: 12px;
color: #006;
body {
background-color: #ECD99D;
margin-left: 10px;
margin-top: 10px;
margin-right: 5px;
font-family: Tahoma, Geneva, sans-serif;
background-image: url(%20images/Mixed_Seashells.jpg);
background-repeat: no-repeat;
.marqueescrollstyle {
font-family: "Arial Black", Gadget, sans-serif;
width:1050px
.Hading4imageright {
padding-right: 0px;
padding-top: 5px;
margin-left: 0px;
padding-left: 0px;
letter-spacing: .06px;
.MaintextFloatleft {
font-family: Arial, Helvetica, sans-serif;
font-size: 20px;
float: left;
.heading4imageleft {
font-family: impact;
font-size: 24px;
padding-left: 15px;
letter-spacing: 0.06em;
margin-top: 20px;
.Heading4youtubelink {
font-family: Arial, Helvetica, sans-serif;
font-size: 22px;
font-weight: 400;
color: #F00;
text-align: inherit;
clear: left;
padding-top: 0px;
margin-top: 10px;
.ShellPicHomepage {
margin-left: 5px;
padding-left: 0px;
border: thick ridge #630;
border-color: #36C;
alignment-adjust: auto;
float: none;
position: fixed;
.parrtext3 {
font-family: Arial, Helvetica, sans-serif;
font-size: 24px;
font-weight: bold;
line-height: 28px;
color: #006;
</style>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<script src="Scripts/swfobject_modified.js" type="text/javascript"></script>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css">
<style type="text/css">
a:link {
text-decoration: none;
color: #006;
a:visited {
text-decoration: none;
color: #06F;
a:hover {
text-decoration: none;
a:active {
text-decoration: none;
color: #006;
</style>
</head>
<body>
<div class="WrapperBoxToCenterPage">
<marquee class="MarqueeScroll">««« Private Beaches, Municapal Beaches, Horse Arenas, Camp Grounds, Lake Shores, PlayGrounds, Volley Ball Courts, Golf Course Bunkers, ANY SAND SURFACE!
</marquee>
<div id="container"><div id="banner"><strong><img src="%20images/JoeEHeader.png" width="1001" height="234" alt="BSBC Banner Header"></strong></div>
<ul id="MenuBar1" class="MenuBarHorizontal">
<li><a href="index.html">HOME</a></li>
<li><a href="services.html">SERVICES</a></li>
<li><a href="Photo.html">PHOTOS</a></li>
<li><a href="Contact Us.html">CONTACT US</a></li>
<li><a href="FAQ.html">FAQ</a></li>
<li><a href="About US.html">ABOUT US</a></li>
</ul>
<p> </p>
<div id="main_text">
<p><strong class="MainHeadingStyle">
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="365" height="265" class="floatry" id="FlashID" title="slide show">
<param name="movie" value="Media/Photo slideshow (1).swf">
<param name="quality" value="high">
<param name="wmode" value="opaque">
<param name="swfversion" value="6.0.65.0">
<!-- This param tag prompts users with Flash Player 6.0 r65 and higher to download the latest version of Flash Player. Delete it if you don’t want users to see the prompt. -->
<param name="expressinstall" value="Scripts/expressInstall.swf">
<!-- Next object tag is for non-IE browsers. So hide it from IE using IECC. -->
<!--[if !IE]>-->
<object type="application/x-shockwave-flash" data="Media/Photo slideshow (1).swf" width="365" height="265">
<!--<![endif]-->
<param name="quality" value="high">
<param name="wmode" value="opaque">
<param name="swfversion" value="6.0.65.0">
<param name="expressinstall" value="Scripts/expressInstall.swf">
<!-- The browser displays the following alternative content for users with Flash Player 6.0 and older. -->
<div>
<h4>Content on this page requires a newer version of Adobe Flash Player.</h4>
<p><a href="http://www.adobe.com/go/getflashplayer"><img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash player" width="112" height="33" /></a></p>
</div>
<!--[if !IE]>-->
</object>
<!--<![endif]-->
</object>
<span class="MainHeadingStyle"><br>
BAYSHORE SAND & BEACH CLEANERS:</span></strong><br>
<span class="SubHeadingstyle">Focus on satisfaction & Dependability</span><br>
<br>
<font face="Arial, Helvetica, sans-serif" class="parrbodytext"> Let us make your sand areas beautiful again by removing unsightly and potentially harmful debris. Hand raking cannot thoroughly clean sand surfaces nearly as well as Bayshore Sand & Beach Cleaners sand cleaning machines. Our equipment reaches down several inches beneath the surface to unearth and remove many concealed hazards. Our sand cleaning service will not only leave your sand area looking great, but you can be assured in knowing that you are providing a safer, clean area for walking, sunbathing and playing. We also provide sand plowing and grading to address drifting sand and uneven urfaces. Our machines can remove debris from Horse Arena riding surfaces, Golf Course bunkers and other areas. BSBC services Ocean County, Monmouth County, Atlantic County, Cape May County and surrounding areas throughout the state. <br>
<em> <strong>We will rejuvenate your beach--Guaranteed.</strong></em></font></p>
</div>
<div id="in_action">
<p class="heading4imageleft"><em><u>Sandy In Action . . . . . . . . .</u></em></p>
<p>
<object classid="clsid:166B1BCA-3F9C-11CF-8075-444553540000" width="425" height="344" align="texttop" class="floatleft">
<param name="movie" value="http://www.youtube.com/v/xuSVXplLUbw?fs=1&hl=en_US&color1=0x2b405b&color2=0x6b8ab6">
<param name="allowFullScreen" value="true">
<param name="allowscriptaccess" value="always">
<embed src="http://www.youtube.com/v/xuSVXplLUbw?fs=1&hl=en_US&color1=0x2b405b&color2=0x6b8ab6" width="425" type="application/x-shockwave-flash" height="344" allowscriptaccess="always" allowfullscreen="true" align="texttop"></embed>
</object>
<a href="http://www.youtube.com/bayshoresbc" target="_blank" class="Heading4youtubelink">CLICK HERE! to see additional video clips on our YouTube Site including; Beaches, Horse Arenas, Sand Plowing & More!</a><br>
<p>
</div>
<div id="bulleted_list">
<strong class="MainHeadingStyle"><br>
BAYSHORE SAND & BEACH CLEANERS:</strong><p></p>
<p class="parrbodytext2"><span class="SubHeadingstyle"><u> Clean any sand surface:</u></span><br>
Private, Residential & Municipal Beaches of any size, Golf Bunkers, Volley Ball Courts, Horse Arenas, Playgrounds, Lakeshore.
<br>
</p>
<p class="parrbodytext2"><span class="SubHeadingstyle"><u>Offer sand plowing services:</u></span><br>
<span class="parrbodytext2">Elimanating sand drifts and/or uneven sand surface.<br>
</span> </p>
<p class="parrbodytext2"><span class="SubHeadingstyle"><u>Provides full beach clean-ups:</u></span><br>
<span class="parrbodytext2">Debris & seaweed removal, anything necessary to get your beach looking beautiful again.<br>
</span>
<p class="parrbodytext2"><span class="SubHeadingstyle"><u>Offers construction services:</u></span><br>
Create & install removeable wooden walkways, construction services and repair.
<p><span class="SubHeadingstyle"><u>Environmental or Natural Disaster Clean-up:</u></span><span class="parrbodytext2"><br>
BSBC cares about the environment & our beaches, we take great pride in our work offering tar ball clean-up and/or debris clean-up after an accident or natural event.<br>
</span></p>
<div class="parrbodytext" id=""footer area"">
<div align="center">
<p class="parrtext3">Visit us on <a href="http://www.facebook.com/pages/Bayshore-Sand-Beach-Cleaners-LLC/308365952347"><img src="%20images/facebook.png" alt="facebook" width="41" height="39" align="absbottom"></a> today!</p>
<p class="parrtext3"><strong><strong><strong><strong><strong><strong><strong><strong><strong ><strong><strong><strong><strong><strong><strong><strong><strong><img src="%20images/barsandart15.jpg" width="896" height="21" alt="BAR"></strong></strong></strong></strong></strong></strong></strong></strong></stron g></strong></strong></strong></strong></strong></strong></strong>Office:732.929.0847 •<a href="mailto:email: [email protected]">email: [email protected]</a>• Cell:908-794-9184 </strong></p>
</div>
<div align="center">
<p>©2011 Bayshore Sand & Beach Cleaners, LLC</p>
</div>
</div>
</div>
<p> </p>
</div>
<em>
<script type="text/javascript">
var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
</script>
</em></div>
<script type="text/javascript">
swfobject.registerObject("FlashID");
</script>
</body>
</html> -
Is my computer infected with Malware?
I know it is unlikely since I am on the allegedly impenetrable OS of Mac, but a couple of things happened lately whilst I was browsing the internet on Safari that make me think I may have.
A couple of days ago whilst I was using a site for streaming music, I clicked on a link, two specific songs in fact, and it immediately took me to a page warning me that the site may contain potentially harmful malware. This may have been my OS alerting me, I don't know.
Following that, yesterday evening while I was browsing, I noticed a pop-up advert for a mobile phone company or something and I couldn't understand how it had appeared. So I clicked the back button on it and it seemed to go back momentarily to some site called sublimemedia.com and then return to the original pop-up that was causing me concern.
To the best of my knowledge I did not click on anything that would have directed me this to pop-up, and it happened several times of it's own accord, sometimes opening a new page, and one time it seemed to redirect the tab I was in to a pop-up advert whilst opening a new page with the page I was originally looking at, if you know what I mean...
I have Safari set so as to only open pop-ups from sites that I navigate to.
So do I have some form of malware, adware, scareware on my computer and if so how do I get rid of it?
I followed the instruction on this page.
http://www.macworld.com/article/60823/2007/10/trojanhorse.html
but it did not seem to detect anything untoward.
I have also run ClamXav on everything and again my computer appears to be virus free.
Message was edited by: STU9000A couple of days ago whilst I was using a site for streaming music, I clicked on a link, two specific songs in fact, and it immediately took me to a page warning me that the site may contain potentially harmful malware. This may have been my OS alerting me, I don't know.
It was not the OS alerting you. The OS doesn’t send you messages in Web Pages. This is a simple “frighten the unwary computer user” web advert. Ignore it.
I noticed a pop-up advert for a mobile phone company or something and I couldn't understand how it had appeared. So I clicked the back button on it and it seemed to go back momentarily to some site called sublimemedia.com and then return to the original pop-up that was causing me concern.
This is exactly the same.
I have Safari set so as to only open pop-ups from sites that I navigate to.
It’s not perfect, I’m afraid and every now and then one will get past it.
So, no you’re not infected with Malware, these are sneaky forms of web advertising.
Regards
TD -
Published EXE file Error-Adobe captivate 4
Hi,
I'm having problems with publishing an EXE file in Adobe captivate 4. I know it has something to do with our internet browser settings, we are a Court location and we have strict settings, but I'm wondering if there are work arounds through adobe captivate. See error below:
-allowing active content such as script and ActiveX controls can be useful, but active content might also harm your computer. Are you sure you want to let this file run active content? Y/N
-Help protect security, internet explore has restricted this file from showing active content that could access your computer, click here for options.
If you just select yes and proceed the captivate file runs fine and you can complete the training. Our goal is to be able to publish in this format because it's more stable than the PDF or HTML option but we don't want users to experience this error from the start.
Thanks for helping with my questions!
LibbyHi, I've been trying to attach an image for the error message we get but not matter what I do it gives me an error and won't let me attach the image. Any suggestions or do you have an email I can send them too. The error message may be a little different than what I sent previously, it seems to give a different error message on different computers. But we are currently trying to create a new release of our training program so this should be the most current error message and the error message people will see when they open it on their PC's. Anyway this is what it says:
First Error Message:
File Download-Security Warning
Do you want to run or save this file?
Name: BasicCORIS_AttachAnAttorney.exe (name of our file)
Type: Application, 9.27MB
From: C:/CourtsOnlineTraining\Program Files\Dist....
Run Save Cancel (we select run, than you get next error message)
While files from the Internet can be useful, this file type can potentially harm your computer. If you do not trust the source, do not run or save this software. What's the risk?
Second Error Message:
Internet Explorer- Security Warning
The publisher could not be verified. Are you sure you want to run this software?
Name: BasicCORIS_AttachAnAttorney.exe
Publisher: Unknown Publisher
Run Don't Run
This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust. How can I decide what software to run?
I hope this makes sense. Let me tell you a little more about how our training is set up. We load the training on to a USB stick that includes a menu, the training modules, and a shortcut. Once the USB is downloaded on to the users PC they can select a shortcut icon for the training. Once they select the training shortcut it opens a menu that they can select training from. When they select on the desired training this is when they would receive these error messages. Our current release is in a HTML format, but because of this format the training interacts with the web browser and causes us problems so we were hoping to publish in exe and the training wouldn't open in a web browser.
Let me know if you have further questions or if I've just confused the situation more. Again thanks for your help!
Libby -
Hi!
I am designing a website in dreamweaver. I designed a banner and navigation bar in flash. (CS3)
My problem is that while the banner and nav bar work fine when previewed in flash, once I put them into dreamweaver and preview the site in my broswer the links do not work and I get this message:
For the time being the links go to google dot com. It doesnt seem to be a browser issue or an issue with my flash player settings.
Googling the problem gave me this: http://helpx.adobe.com/flash-player/kb/links-swf-files-dont-function.html
Basically, it is telling me I need to "allowscriptaccess = always" or tell the "navigateToURL to use "_blank" as the target" in the .swf. However, I would like the link to open on the same window/tab in the browser so I would prefer not doing it the "_blank" way.
I am more of a designer and new to coding in html and actionscript.
I have tried the method described in the Adobe help site but I must be doing it wrong.
Any help is appreciated!Hi,
This is the Flash Player Security Warning that gets thrown when a local content is trying to communicate with the Internet. This is being done to protect you from potentially harmful content that could be used to send sensitive information stored on your computer or local network to locations on the Internet. However you can allow such contents to communicate with the Internet by trusting your local file/application and add the local file(s)/file location(s) to the Flash Player Settings Manager trusted list.
Please follow the detailed instructions posted at http://helpx.adobe.com/flash-player/kb/communicate-internet-flash-content.html to add your local content(s) to the list of trusted files and you may also want to set to 'Always allow' to avoid the warning once for all.
Let us know if this is of any help to you.
Thanks!
Mohan -
In trying to clean some crap off my pc. I uninstalled the version of Adobe I had installed early Dec. this year. When I then tried to contact a website I used all the time it wouldn't show until I re-installed Adobe which I did.
Now the web site shows but it says a potentially harmful site is trying to access my computer. It gives me the options of clicking ''settings'' if I want to let it access and the other option is ''OK''. Excuse me for being obstinate but if ''settings'' is for ALLOWING access, then what the hell is OK for????? Sometimes I think I'm working with complete idiots.
I'm not going to click something which I have been warned is potentially harmful and I'm not going to click OK which in any REAL universe would ALSO mean accept the thing which is potentially harmful.
Secondarily, I wish they would give a phone # to talk to an actual person with a problem. They never seem to have a problem giving a # one can call to BUY something but heaven forbid someone who is already a customer should want some help in using the product THEY HAVE ALREADY PAID FOR.First things first. Flash Player IS FREE. If you've "paid for it" you didn't do it here.
Second, the "potentially harmful" notice is about a "local" (on your hard drive) HTML or SWF file trying to connect to the internet through Flash Player. It pops up for ANY file that attempts to connect, because that's a common way to deliver malware to an unsuspecting user. I've developed Flash content since 2007 and I've seen it hundreds of times for files I made myself so I KNOW they're safe.
It's a standard alert and can be easily worked around following these steps:
1. navigate to: http://www.macromedia.com/support/documentation/en/flashplayer/help/se ttings_manager04.html
2. click edit locations
3. click browse for folder
4. find the folder that contains your html and swf and click ok
5. you should see that folder in the "always trust files in these locations" field.
6. using your file browser, navigate to that now trusted folder and open the flash-published html in your web browser.
7. click your button.
If you still feel you need to talk to someone over the phone, you can call:
1 (800) 833-6687
That's available Monday thru Friday 6am to 7pm (PST)
And..
It's $39.99 per call, which MUST BE prepaid, and that applies whether or not your issue can be, or is, resolved. -
Dear Experts,
I was trying to explore the "preprocessor" command in external table, but I was not able to succeed.
I just followed the steps mentioned in, latest Oracle Magazine.
http://www.oracle.com/technetwork/issue-archive/2012/12-nov/o62asktom-1867739.html
But finally when I do the select from table df, I am getting the following error.
ORA-29913: error in executing ODCIEXTTABLEFETCH callout
ORA-29400: data cartridge error
KUP-04095: preprocessor command /export/csrmgr/ripple_dms/run_df.sh encountered error "error during exec: errno is 2
PS: The output of v$version;
Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
PL/SQL Release 11.2.0.2.0 - Production
"CORE 11.2.0.2.0 Production"
TNS for IBM/AIX RISC System/6000: Version 11.2.0.2.0 - Production
NLSRTL Version 11.2.0.2.0 - Production
Could anyone help me to resolve this issue.I'm not able to test Tom's example at the minute.
However, that new feature was discussed in the March/April 2011 edition of Oracle Magazine too.
Oracle Magazine March/April 2011 article on new feature in 11gR2 called the external table preprocessor.
by Arup Nanda
CHANGE IN PROCESS
Now suppose that with your external table and its text file in place, the input file for the external table is compressed to reduce the volume of data transmitted across the network. Although compression helps the network bandwidth utilization, it creates a challenge for the ETL process. The file must be uncompressed before its contents can be accessed by the external table.
Rather than uncompress the file in a separate process, you can use the preprocessor feature of Oracle Database 11g Release 2 with external tables to uncompress the file inline. And you will notneed to change the ETL process.
To use the preprocessor feature, first you need to create a preprocessor program. The external table expects input in a text format but not necessarily in a file. The external table does not need to read a file; rather, it expects to get the file contents “fed” to it. So the preprocessor program must stream the input data directly to the external table—and not
create another input file. The input to the pre-processor will be a compressed file, and the output will be the uncompressed contents.
The following is the code for your new preprocessor program, named preprocess.bat:
@echo off
C:\oracle\product\11.2.0\dbhome_1\BIN\unzip.exe -qc %1The first line, @echo off, suppresses the output of the command in a Windows environment. The remaining code calls the unzip.exe utility located in the Oracle home. The utility needs an input file, which is the first (and only) parameter passed to it, shown as %1. The options q and c tell the utility to uncompress quietly (q) without producing extraneous output such as “Inflating” or “%age inflated” and match filenames case-insensitively (c), respectively.
Next you need to create the directory object where this preprocessor program is located. Logging in as SYS, issue
create directory execdir as 'c:\tools';And now grant EXECUTE permissions on the directory to the ETLADMIN user:
grant execute on directory execdir to etladmin;Finally, create the new external table:
create table indata1
cust_id number,
cust_name varchar2(20),
credit_limit number(10)
organization external
type oracle_loader
default directory etl_dir
access parameters
records delimited by newline
preprocessor execdir:'preprocess.bat'
fields terminated by ","
location ('indata1.txt')
/It calls the preprocess.bat executable in the directory specified by EXECDIR before the external table accesses the indata1.txt file in the location specified by the ETL_DIR directory. Remember, indata1.txt is now a compressed file. So, in effect, the external table reads not the actual specified input file but rather the output of preprocess.bat, which is the uncompressed data from the indata1.txt file.
If you select from the external table now, the output will be similar to that of the earlier select * from indata1; query. The preprocessor passed the uncompressed contents of the indata1.txt (compressed) file on to the external table. There was no need to uncompress the file first—saving significant time and the intermediate space required and making it unnecessary to change the ETL process.
This inline preprocessing unzip example uses a script, but that is not always necessary. An executable can be used instead. For example, in Linux you can use /bin/gunzip. However, the utility can’t accept any parameters. So if you pass parameters (as in this article’s example), you must use a script.
Security Concerns
=================
The EXECUTE privilege on a directory is a new feature introduced in Oracle Database 11g Release 2. It enables the DBA to grant EXECUTE permissions only for certain directories and only to certain users. Without WRITE privileges, users will not be able to
update the executables inside a directory to insert malicious code, but users will be able to execute the “approved” code accessible in a single location. The DBA can put all the necessary preprocessor tools into a single directory and grant EXECUTE privileges there to the users who may need them. And, of course, the executables and data should be in different directories.
Preprocessing also requires some special precautions on the part of the DBA. Because the executables called by preprocessing programs will be executed under the privileges of the Oracle software owner and malicious executable code can cause a lot of damage, the DBA should be extremely careful in monitoring executables for potentially harmful code.
The directory containing the preprocessor executables needs to be accessible to the Oracle software owner for EXECUTE operations only, not for WRITE activity. Therefore, as an added precaution, the system administrator can remove WRITE access to that directory from all users, including the Oracle software owner. This significantly reduces the chance of damage by malicious code.
Other Uses
==========
Compression is not the only use for inline preprocessing, although it certainly is the most widely used. You can, for example, use this preprocessing technique to show the output of a program as an external table. Consider, for instance, the dir command in Windows for listing the contents of a directory. How would you like to get the output as a table so that you can apply predicates?
Getting and using this output is quite simple with the preprocessor functionality. Remember, the preprocessor does not actually need a file but, rather, requires the output of the preprocessor program. You can write a preprocessor program to send the
output of a dir command. The new preprocessor program, named preproc_dir.bat, has only the following two lines:
@echo off
dirYou will also need a file for the external table. The contents of the file are irrelevant, so you can use any file that the Oracle software owner can read in a directory to which that owner has read access. For this example, the file is dirfile.txt, and although the contents of the file are immaterial, the file must exist, because the external table will access it. Listing 1 shows how to create the table.
Because the dir command displays output in a prespecified manner, the external table easily parses it by reading the fields located in specific positions. For example, positions 1 through 10 display the date, 11 through 20 display the time, and so on. The dir command produces some heading and preliminary information that the external table has to ignore, so there is a skip 5 clause in Listing 1 that skips the first five lines of the output. The last few lines of the output show how many files and directories are present and how much free space remains. This output must be skipped as well, so the external table displays records only when the date column has a value.
Listing 1 also shows the result of a query against the external table. Because the MOD_DT column is of the date datatype, you can also apply a WHERE condition to select a specified set of records.
Code Listing 1:
===============
create table dir_tab
mod_dt date,
mod_time char(10),
file_type char(10),
file_size char(10),
file_name char(40)
organization external
type oracle_loader
default directory etl_dir
access parameters
records delimited by newline
preprocessor execdir:'preproc_dir.bat'
skip 5
load when (mod_dt != blanks)
fields
mod_dt position (01:10) DATE mask "mm/dd/yyyy",
mod_time position (11:20),
file_type position (21:29),
file_size position (30:38),
file_name position (39:80)
location ('dirfile.txt')
reject limit unlimited
-- select from this table
SQL> select * from dir_tab;
MOD_DT MOD_TIME FILE_TYPE FILE_SIZE FILE_NAME
16-DEC-10 10:12 AM <DIR> .
16-DEC-10 10:12 AM <DIR> ..
22-MAY-10 09:57 PM <DIR> archive
22-MAY-10 10:27 PM 2,048 hc_alap112.dat
05-DEC-10 07:07 PM 36 indata1.txt
22-DEC-05 04:07 AM 31,744 oradba.exe
16-DEC-10 09:58 AM 1,123 oradim.log
28-SEP-10 12:41 PM 1,536 PWDALAP112.ora
16-DEC-10 09:58 AM 2,560 SPFILEALAP112.ORA
9 rows selected.
-- select a file not updated in last 1 year
SQL> select * from dir_tab where mod_dt < sysdate - 365;
MOD_DT MOD_TIME FILE_TYPE FILE_SIZE FILE_NAME
22-DEC-05 04:07 AM 31,744 oradba.exe -
My current tab redirects me to another site on the same tab
I usually spend time reading articles in various sites and some of these sites have videos on it matching the article. But I lose my reading/ watching progress because without even clicking or pressing anything, the current tab redirects me to another site. Mostly, it'll redirect me to sites that starts with some kind of survey or just some download video downloader stuff. And I know these are potentially harmful sites. It pisses me off losing my reading/ watching progress because of these redirects. Please help me solve this. Thank you.
PS: I already disabled and removed all unwanted extensions and/or plug-insDo a malware check with several malware scanning programs on the Windows computer.
Please scan with all programs because each program detects different malware.
All these programs have free versions.
Make sure that you update each program to get the latest version of their databases before doing a scan.
*Malwarebytes' Anti-Malware:<br>http://www.malwarebytes.org/mbam.php
*AdwCleaner:<br>http://www.bleepingcomputer.com/download/adwcleaner/<br>http://www.softpedia.com/get/Antivirus/Removal-Tools/AdwCleaner.shtml
*SuperAntispyware:<br>http://www.superantispyware.com/
*Microsoft Safety Scanner:<br>http://www.microsoft.com/security/scanner/en-us/default.aspx
*Windows Defender:<br>http://windows.microsoft.com/en-us/windows/using-defender
*Spybot Search & Destroy:<br>http://www.safer-networking.org/en/index.html
*Kasperky Free Security Scan:<br>http://www.kaspersky.com/security-scan
You can also do a check for a rootkit infection with TDSSKiller.
*Anti-rootkit utility TDSSKiller:<br>http://support.kaspersky.com/5350?el=88446
See also:
*"Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked
*https://support.mozilla.org/kb/troubleshoot-firefox-issues-caused-malware -
Search and Address bar not working.
Hello, I have this problem were whenever I try to type in something into the search or addresys bars, nothing happens. It's like the enter key isn't working. There is not usual picture next to the search bar (the one that shows you what search engine you're using. If it's google it shows a "g" next to the bar). Instead there is just a picture of a blank page as a placeholder. When I try to go in and add a new search engine by managing the search engine list, there is no option to add a new search engine. I have already tried going into the firefox folder on my computer and deleted the formhistory.sqlite file that is the supposed problem. No avail. I have even gone so far to delete and reinstall firefox to my computer. Well, that didn't work either. So I waited until the next update to see if my problem would be fixed THEN. I am currently on firefox 19.0, which is, as of writing, the most current version. I have tried restarting firefox with all addons removed. And for good measure, I deleted anything that ended with ".sqlite" in my firefox folder. I have tried to get the the about:config menu but do not know how considering how my address bar refuses to search. The greatest thing is that my address bar can still remember all the sites I've typed into it before, but for some unknown reason, cannot take me to any of them! I really don't know what to do next. I can only suppose that I could try completely deleting everything firefox has stored on my computer, as I don't know if just uninstalling the program actually did that. Other then my search bar problem, firefox has been acting fairly normally besides a few minor hiccups here and there. I am trying to remember if I downloaded anything before my search bar problems started or not, but it is always a possibility. I did download the firefox beta for windows 8 metro mode but I can't remember if that was before or after firefox started acting up. It's possible considering that softonic thought they were being really nice by including fbdownloader for free with my firefox metro browser. I am now no longer using softonic ever again. But that's all the evidence I can think up right off the tip of my head. Sorry if this was kinda long, and if any of my description isn't clear or make sense please ask and I can try to verify. Also, if I haven't said this already, my search bar is only not working in firefox. Chrome, Internet Explorer, and Safari are all working fine. Just my luck, I guess. If anyone could help me out, I'd be much obliged. Not being able to use the address bar has been really inefficient. Thank you.
This is the solution I got:
on:
;-please follow these steps:
1. Enter about:config in the Firefox location bar and press Enter.
You should see a warning that making changes to the Firefox configuration can be potentially harmful to Firefox's integrity. Click the I'll be careful, I promise button to continue.
2 In the Search box at the top, enter keyword as the search term. You should see a few remaining items, one of these is keyword.URL. It should be bold.
3 Right-click on the keyword.URL setting and select MODIFY from the dropdown menu.
enter your favorite search engine
In my case
I entered
https://www.google.com/search?q=
And that was a super fix
for more cool stuffs like [http://example.com website Alexa ranking ] -
Web Start beginner - Web Start front end to existing web app?
Hi all,
I'm new to Web Start, though have been hearing about it for some time. Even after reading the documentation, I have some basic questions about it.
Specifically, is it possible to invoke business methods via something like a Struts ActionServlet through a Web Start gui? That is, say my Web Start app and my existing web-based Struts app were on the same server, could I easily invoke the ActionServlet by passing in a URL with parameters? Thus giving me the ability to completely reuse my 'MC' of my Model-View-Controller app, and just replacing/adding another view ('V')?
Has anyone ever done this? If so, are there good examples?
Thanks in advance,
MikeWebStart is a deployment mechanism for otherwise perfectly normal Java applications. WebStarted applications run on the client, not the server. WebStarted apps run in a protected environment (the Java sandbox), meaning they can't do potentially harmful things on the client machine such as reading and writing files or creating network connections to any server other than the one they were loaded from, unless you obtain special permissions from the user (the application needs to be signed for this to happen).
So there is nothing that specifically prevents you from using a WebStarted application as a front-end for a Struts webapp. If it makes sense to use a client-side application for that purpose is a question only you can answer.
Maybe you are looking for
-
MiniSAP 6.20: ALV tree not working in background
Good day! SAP provides a sample ALV tree program, BCALV_TREE_DEMO, which could be submitted in the background. However, it does not work in MiniSAP 6.20. It's kind of bizarre as it works in our Test system. Does anyone has any idea what's happening.
-
Paste text within "new folder" dialogue box not working
(Mac) If I'm taking a file and saving it, or exporting a file, etc., when I am in the dialogue to actually do so and click "new folder" then try to paste simple text here with "command+v" it doesn't work. Right-clicking and choosing paste does work.
-
Importing and Organizing Thousands of Photos into IPhoto
How can I import about 20 thousands photo into IPhotos and keep the logical organization? I just buy a Mac Mini and I start trying to move my photos. These are organized in directories by dates with a customize description for the occasion ( -/YEAR/Y
-
Database Error after upgrading to CF8
Hello, I have some applications which are running under CF MX 6.1 and MySQL 4.0. For the Database connection I use the J-Connector of MySQL. Now I upgraded one server to CF8 and MySQL 5.0. For the database connection I use the intern connector for My
-
Photoshop elements 12 installing software problems
Used redemption code for Adobe photoshop elements12 to get serial number but this doe not work and I have no access to my product.