I am using TextLocal tool to send SMS in my java code. I am using the same code snippet given here.
This is a transactional account. I am getting the following error
{"errors":[{"code":80,"message":"Invalid template"}],"status":"failure"}
This error code is nowhere found in the TextLocal documentation. Please let me know the solution if anyone has faced this issue before.
This was happening because the TextLocal transactional messages should be given a message template through the TextLocal dashboard and all the SMS sent should follow all the rules of these messages.
After the template has been created and followed, the issue is resolved.
go to Your login dashboard of textlocal
Then in send menu go to template and draft.
then open your template to see the message format.
And provide same massage format to your java method to send message.
Hope may it help you.
Few quick points to check
1.Is the message that you are passing in your API as per your approved
templates? If not, this error will come in response to your API. You
can check your approved templates under Send -> Templates & Drafts
2.Are all special characters in your template (&, #, #...) URL
encoded?
3.Are you using the same placeholder name
for multiple dynamic/replaceable parameters in your API? They have
to be unique.
4.Are you exceeding the max character length set for
the placeholder? Are you using a newline character? Replace all the
newline characters with %n
The above points are from textlocal SMS API documentation. You can also try copying the content of approved textlocal template into the Java code.
This because of the sending message content doesn't match the template which you created on the textlocal account.
check template is created or not. If not create a template and try.
If created check current message content match with your existing template.
This is happening because,
From a transactional account you can send only those messages that
match one of your pre-approved templates. Please ensure that your
messages match one of the approved template formats.
To create a Template,
Go to Your login dashboard of textlocal-> Send -> Templates and Drafts.
Then create a Template. Templates can be 2 types Static & Dynamic. You can create both by using this. Template message format should match the format in your code.
I am providing a link.. This will help to understand this more clearly.
How to create and format template
Related
I am working with ESAPI to try and validate windows directory paths. For some reason, the part of my directory path named \14\ is getting converted into a CRLF. The error I am receiving is below, what am I not understanding correctly? I feel like my regex should be working.
WARN IntrusionDetector [SECURITY FAILURE Anonymous:null#unknown -> /project-test/IntrusionDetector] Invalid input: context=directoryPath, type(DirectoryName)=^[a-zA-Z0-9:/\\!##$%^&{}\[\]()_+\-=,.~'` ]{1,255}$, input=C:\UsersTESTUS~1AppDataLocalTempTestCase8002TempWorkSpace, orig=C:\Users\TESTUS~1\AppData\Local\Temp\14\TestCase8002TempWorkSpace
As you can see, I am using the regex:
^[a-zA-Z0-9:/\!##$%^&{}[]()_+-=,.~'` ]$
My input is:
C:\Users\TESTUS~1\AppData\Local\Temp\14\TestCase8002TempWorkSpace
Ouput, after ESAPI does canonicalization and validation:
C:\UsersTESTUS~1AppDataLocalTempTestCase8002TempWorkSpace
Here is the line of code that causes me to receive the error;
String validatedSourcePath = ESAPI.validator().getValidInput("directoryUnzip", directory, "DirectoryName", 255, false);
File validFile = new File(validatedSourcePath);
#C.Williams: I was about 30 minutes into writing up a detailed reply in an editor and accidentally excited my editor window. I'm too ticked off at my stupidity of not saving it to write it again, especially since I was only about 75% done.
However, if you want to email me I can arrange to talk to you via Google Hangouts or Signal to tell you want your problem is and how you can fix it. But it's long and complicated and partially related to a bug the ESAPI team just fixed but is not in any official release yet. But I am not going to take another 45 minutes or more trying to reply with any written text. My email address should be easy enough to find. Just google for my name and ESAPI. I am one of the project co-leaders on ESAPI.
-kevin wall
Reading from this link, link, link, link, link and this SO answer about Microstrategy URL API, I want to pass the answer to one or more prompts in the request to that the report document is executed automatically without requiring the user to enter information.
When I tried to use valuePromptAnswer method for multiple prompt, Microstrategy only take the first argument. The other argument doensn't works. Here are the URL
http://111.222.333.444/MicroStrategy/servlet/mstrWeb?Server=******&Project=*****&Port=0&evt=4001&src=mstrWeb.4001&reportID=226F3C76422512B0E56995939C230DF1&visMode=0&reportViewMode=1&valuePromptAnswers=12^11
The microstrategy only takes the first argument.
Using elementsPromptAnswers generate the same result, only the first prompt receive the value
http://111.222.333.444/MicroStrategy/servlet/mstrWeb?Server=****&Project=***&Port=0&evt=4001&src=mstrWeb.4001&reportID=226F3C76422512B0E56995939C230DF1&visMode=0&reportViewMode=1&elementsPromptAnswers=F9365CA24CFDFD394F3D01ACB4EA5F21:1;474209F94C5C6140979F31848D01E40F:2
Using objectPromptAnswer generate the same result
http://111.222.333.444/MicroStrategy/servlet/mstrWeb?Server=****&Project=****&Port=0&evt=4001&src=mstrWeb.4001&reportID=226F3C76422512B0E56995939C230DF1&visMode=0&reportViewMode=1&objectsPromptAnswers=474209F94C5C6140979F31848D01E40F~12~DistChl
I've read the documentation carefully for each step by step. What I'm missed out? Is there any configuration on server side to accept all argument / parameters?
Thanks in advance.
We had did the thing you talk about using the next url:
mstrWeb?port=0&evt=2048001&src=mstrWeb.2048001&documentID=YOURDOCUMENTID&valuePromptAnswers={&Prompt1&}^{&Prompt2&}^{&Prompt3&}^{&Prompt4&}^{&Prompt5&}^{&Prompt6&}&promptAnswerMode=2
In the previous example, {&Prompt1&}, {&Prompt2&}, etc. are responses of a previous prompt. In your case, the url to create should be the next url:
mstrWeb?port=0&evt=2048001&src=mstrWeb.2048001&documentID=226F3C76422512B0E56995939C230DF1&valuePromptAnswers=12^11&promptAnswerMode=2
I think that your problem could be on the evt or promptAnswerMode parameters, because if these are not correctly configured it can get in troubles.
Hope that this answer solves your problem.
Greetings.
I am using the Stash's REST API in my project. My task is to get the tag details for a specific tag. After checking the Stash's REST API documentation, I found the correct endpoint that I should be using. It is
/rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/tags/{name:.*}
Please see this link for the Stash's REST API documentation.
There is one more endpoint /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/tags
With this endpoint I am able to retrieve all the tags. The StashTag object looks something like this.
{
"id": "refs/tags/v4.0.0",
"displayId": "v4.0.0",
"latestChangeset": "234dadf41742cfc2a10cadc7c2364438bd8891c5",
"latestCommit": "234dadf41742cfc2a10cadc7c2278658bd8891c5"
"hash" : "null"
}
My first problem is, I don't know which field to use as the parameter for {name:.*}. Should it be the displayId or Id or anything else.
The second problem is, I don't understand what it means to have : (colon) followed by a . (dot) in the endpoint /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/tags/{name:.*}.
Can someone explain me what is the purpose of :. in the path param and how to hit this kind of an endpoint. Also an example of the complete endpoint would be nice.
So far I have tried hitting
https://stashtest.abc.com/rest/api/1.0/projects/KARTIK/repos/kartiks-test-repository/tags/v4.0.0
https://stashtest.abc.com/rest/api/1.0/projects/KARTIK/repos/kartiks-test-repository/tags/refs/tags/v4.0.0
None of these endpoints work.
Any help is appreciated.
The {name:.*} is really just saying that the field name can be anything. Chalk this one up to poor documentation on their part. Think of it like Regex field, because that's exactly what it is. I'm sure at one point they had something like ^[0-9] then went back and changed it when they realized using only tag numbers would omit anyone using their lightweight tag features.
Remove the v from your tag version and see if that helps. If it does not, I would also recommend creating a lightweight tag (something like mytag) and seeing if you can hit it that way (i.e., /kartiks-test-repository/tags/mytag).
But looking at that documentation is telling me that your v in your tag name is throwing off the REST call.
I am trying to download the email using imap java ..I have downloaded most of the part of email but don't know how to download references part of email?Can someone provide help about which function is used to do that?any links to some page would be helpful.Thanks
References: <CALdDwZ=PQDu2eS1R2ONsrHJDgHDeZuNCUfEsfRqC3efzZfMaqg#mail.gmail.com>
<CAAD0KRhD7w1qdRiTG6U00ShroE1R00h7F73_AQ4yRnDE7jm6HA#mail.gmail.com>
<CALdDwZm2np83PmjrHY1jO54+6-dNKaM7+oxjaUHE_rUitMffrA#mail.gmail.com>
<CAAD0KRg2TJt0Y4oo-CsOCexrmat6kHakuFZSm_AvTDuSXjiTTw#mail.gmail.com>
<CAAD0KRhXUUwNjcAhc+4h-ftiJFW7q0y9gmDRGZ0khzyzWUDxbQ#mail.gmail.com>
<CAAD0KRgp6nhupkQhu2LWe6mXGuvK35XFdZLUUjfC4uGvsOZtcQ#mail.gmail.com>
<CAAD0KRhXaJ5FAuOxR760HBzgaD-_JyXoVAymeQf+nQdCawEgGA#mail.gmail.com>
These are message Id's of all the mails which took part in a conversation..Usually this is a part of an email.so I want to download it?
For downloading the References part of the email we need to use getHeader() function of Imap java ..This is the code :
if( msg.getHeader("References")!=null)
{
String[] headers = msg.getHeader("References");
System.out.println("headers");
for(int ab=0;ab<headers.length;ab++)
System.out.println(headers[ab]);
}
The references are Message-IDs. There's no way to directly access a message given the Message-ID. You can use the Folder.search method to search for messages with the given Message-ID in the specified folder, but there's no way to know what folder the message might have been moved to, nor is there any guarantee that the current user ever saw the referenced message.
I am using Fortify SCA to find the security issues in my application (as a university homework). I have encountered some 'Log Forging' issues which I am not able to get rid off.
Basically, I log some values that come as user input from a web interface:
logger.warn("current id not valid - " + bean.getRecordId()));
and Fortify reports this as a log forging issue, because the getRecordId() returns an user input.
I have followed this article, and I am replacing the 'new line' with space, but the issue is still reported
logger.warn("current id not valid - " + Util.replaceNewLine(bean.getRecordId()));
Can anyone suggest a way to fix this issue?
I know this was already answered, but I thought an example would be nice :)
<?xml version="1.0" encoding="UTF-8"?>
<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
<RulePackID>D82118B1-BBAE-4047-9066-5FC821E16456</RulePackID>
<SKU>SKU-Validated-Log-Forging</SKU>
<Name><![CDATA[Validated-Log-Forging]]></Name>
<Version>1.0</Version>
<Description><![CDATA[Validated-Log-Forging]]></Description>
<Rules version="3.14">
<RuleDefinitions>
<DataflowCleanseRule formatVersion="3.14" language="java">
<RuleID>DDAB5D73-8CF6-45E0-888C-EEEFBEFF2CD5</RuleID>
<TaintFlags>+VALIDATED_LOG_FORGING</TaintFlags>
<FunctionIdentifier>
<NamespaceName>
<Pattern/>
</NamespaceName>
<ClassName>
<Pattern>Util</Pattern>
</ClassName>
<FunctionName>
<Pattern>replaceNewLine</Pattern>
</FunctionName>
<ApplyTo implements="true" overrides="true" extends="true"/>
</FunctionIdentifier>
<OutArguments>return</OutArguments>
</DataflowCleanseRule>
</RuleDefinitions>
</Rules>
</RulePack>
Alina, I'm actually the author of the article you used to solve your log injection issue. Hope it was helpful.
Vitaly is correct with regards to Fortify. You'll need to build what Fortify calls a "custom rule".
It will likely be a dataflow cleanse rule. A basic example can be found here: http://www.cigital.com/newsletter/2009-11-tips.php. If you own Fortify, there should be a custom rule writing guide in your product documentation.
I don't know what the taint flag you'll use is, but it would look something like "-LOG_FORGING". You would essentially write a rule to remove the log forging "taint" whenever data is passed through your utility method. Fortify will them assume that any data passed through there is now safe to be written to a log, and will not cause log forging.
You need to mark your replaceNewLine as sanitiser in Fortify (if I remember correctly) and it will stop reporting the issue.
You can actually create a new rule from a particular method.
Navigate to the function on the right side of audit workbench after you've done a scan.
Find your sanitizing method and right click on it.
You can generate a rule from it. What you want is a general DataflowCleanseRule.
I just did this based on the xml someone posted above. You can save the rule as a .xml file.
When updating your scan you can pass the -rule argument and point at the .xml file.