c # – How to determine what types of content a server can receive

I am sending an http post to a local server from Angular (I run Visual Studio C #) and it returns an incorrect content type.
Is there an easy way to find out what types the server will accept?

I did not write the server; although it is large and complex … if I had the slightest idea of ​​where to look, I could have a chance.

Any ideas?

On Windows How to determine the encryption algorithm used in the certificate

How can you determine the type of encryption algorithm (for example, AES, DES, 3DES, etc.) that uses a certificate in Windows (10, 2012-2019)? Is it obvious and I don't see it in the certificate details?

What to consider to determine something as a security flaw?

Recently, I found a iframe injection Vulnerability in this website. This website allows users create projects and name them. So injected an iframe into the nomenclature function that can redirect the user to a malicious website. But I don't know if the names of the projects are visible to Other users or for the administrators, so I don't know if this is a vulnerability. I will be very grateful if you can answer my question. Thank you very much.

Security – How to determine if my CentOS 8 is vulnerable to CVE-2019-18348

I am a long-time Linux system administrator, but new to CentOS. I just need to determine if this CentOS server is vulnerable to CVE-2019-18348. To do that, I have to check if the installed packages are patched or have a way to test the vulnerability on the machine.

I have not found any reliable way to test the vulnerability, so I keep looking at package versions, change logs, etc.

First, some details about the vulnerability:

CVE-2019-18348: An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with rn (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)
https://nvd.nist.gov/vuln/detail/CVE-2019-18348
https://nvd.nist.gov/vuln/detail/CVE-2016-10739

Here are the details of the version of my system:

OS: centos-release-8.0-0.1905.0.9.el8.x86_64
Python: 3.6.8 - installed package is python36.x86_64 (3.6.8-2.module_el8.0.0+33+0a10c0e1).
glibc: 2.28-42.el8.1

The system is completely updated, but I don't see any security repository or backports enabled. I could not find any information on whether there is a repository of security updates for centos and how to enable it.

(root@host)# yum repolist
Last metadata expiration check: 1:37:46 ago on Fri 06 Dec 2019 07:51:08 PM UTC.
repo id     repo name                                       status
AppStream   CentOS-8 - AppStream                            5,089
BaseOS      CentOS-8 - Base                                 2,843
*epel       Extra Packages for Enterprise Linux 8 - x86_64  3,579
extras      CentOS-8 - Extras

The change log for glibc does not specifically list CVE-2019-18348. Although it may have been fixed in an earlier version, but I haven't found any way to verify that.

(root@host)# rpm -q --changelog glibc | grep -i cve
- Add upstream test case for CVE-2018-19591 (#1654010)
- CVE-2018-19591: File descriptor leak in if_nametoindex (#1654010)
- CVE-2018-11237: Buffer overflow in __mempcpy_avx512_no_vzeroupper (#1581275)
- CVE-2018-11236: realpath: Fix path length overflow (#1581270, swbz#22786)
- CVE-2017-18269: memory corruption in i386 memmove (#1580934)
- CVE-2017-14062, CVE-2016-6261, CVE-2016-6263:
- CVE-2018-1000001: Make getcwd fail if it cannot obtain an absolute path
- CVE-2017-16997: elf: Check for empty tokens before DST expansion (#1526866)
- CVE-2017-1000409: Count in expanded path in _dl_init_path (#1524867)
- CVE-2017-1000408: Compute correct array size in _dl_init_paths (#1524867)
- CVE-2017-17426: malloc: Fix integer overflow in tcache (swbz#22375)
- CVE-2017-15804: glob: Fix buffer overflow during GLOB_TILDE unescaping
- CVE-2017-15670: glob: Fix one-byte overflow (#1504807)
- Use execveat syscall in fexecve (swbz#22134)

The python changlog does not show any CVE, but "rhbz" numbers, which I guess are redhat bugzilla. I have some subscriptions with HR, but apparently it is not enough to see the details of these elements.

(root@host)# rpm -q --changelog python36 | grep -i resolves
- Resolves: rhbz#1695587
- Resolves: rhbz#1658271
- Resolves: rhbz#1654867
- Resolves: rhbz#1633534
- Resolves: rhbz#1633534
- Resolves: rhbz#1633561
- Resolves: rhbz#1633534
- Resolves: rhbz#1632637
- Resolves: rhbz#1633534
- Resolves: rhbz#1615727

This red had warning corrections CVE-2016-10739 in package glibc-2.28-72.el8.x86_64.rpm
https://access.redhat.com/errata/RHSA-2019:3513

But since this machine is centos and in version 2.28-42.el8.1, and the patch versions between RH and CentOS seem to be different, that does not seem to help me determine if this box is vulnerable.

If anyone can offer an idea of ​​whether this system is vulnerable, or point me in the right direction, I would really appreciate it.

Thank you

fractions: how to determine denominators when converting units

An example of converting 60kms / ph to ms (meters per second) is:

$$ frac {60km} {1hr} : = : frac {60km} {1hr} : cdot frac {1000m} {1km} : cdot frac {1hr} {3600s} : $ $

Looking at it, I can see that they became opposites, such as km as a numerator, so the following is a denominator and the final fraction is the denominator from the first as a numerator.

What knowledge do I need to know to use this instead of just guessing by the employer?

CauchyDistribution adjustment to the data list to determine the peak

I have a list of data in this form {{-3,12}, {- 3.01,13.4}, {- 3.04,13.6}, …} where the value x is the time and the value y is the current one.

FindPeak gives me peaks for every data point I have and FindFit doesn't give me the correct value, which I calculate by looking at the list line diagram of the data set.

Any advice on how to put a Cauchy distribution on my list or how to find the peaks, of which there should be 2. The rest is just background noise and is 3-10 mV, while the peaks are at 80 mV and should follow a Cauchy distribution.

Thank you very much for any advice … I have been searching the Internet for the last 3 hours trying to find a solution to this …

seo – How can I determine if the speed of my site is affecting my conversions?

I need to convince my team that our loading times are too high. Load times for / cart are approximately 10 seconds and load times for individual pages are approximately 6 seconds. I have seen all the studies on why your website should load in less than 3 seconds. However, it seems that I cannot identify in Google Analytics the proof that slow loading times are affecting my conversions.

I have analyzed year-over-year speeds against bounce rates, bounce and departure rates month by month, pages per session during periods when loading times are high, etc.

There is so much data that seems to contradict each other. Sometimes, a significantly longer load time has no impact on the pages per session or the output rate. In addition, this is a high traffic retail website.

So, the question is: What metrics can I use to show that slow page load times are affecting our end result?

google sheets: determine the location of the checkbox that activated a script?

I have hundreds of check boxes on multiple sheets in a single Google Sheets project.

When a user clicks on a checkbox, I want a script to be activated.

In that script, I need to know in which cell the check box that was clicked is located. Is there a way to do it without creating a hundred different scripts for each checkbox and encode the location of each of those cells?

For example, if I clicked on this checkbox

enter the description of the image here

I would like my script to know that it was activated from Sheet12: B2. If the specific sheet is not possible, then only the location of the cell (B2 in this case) is sufficient.

linear programming: determine the approximation factor in a greedy algorithm

Suppose we have n plates of food associated with a cost c, and we have guests so that each of them has a certain number of preferences.
We want to choose a menu so that we minimize the cost and at least one preference is satisfied for each guest.

I implemented an easy greedy algorithm that orders each element with respect to its $ (n ^ o satisfied people) / (cost) $ For example, if element "a" satisfies 3 people if they choose it and it costs 10, their relationship would be $ 3/10 $. I chose each element in a non-increasing order. Until I run out of people to meet.

How do I find the approximation factor for this algorithm? I think it should be around 2, since it is very similar to a greedy approach to the backpack problem, but I have no idea how to prove it.

calculation and analysis: how to determine which car will pull given its acceleration and towing capacity and everything?

So, let's say if two cars had a war pull, pulling each other. And we know everything about cars, their maximum speed, acceleration, towing capacity and everything. How can we determine which car will pull which one and at what speed? I hope this is the right forum to ask this question. I am looking for an equation.