
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
SERVICE OBJECTS, INC.
Service: Nuget Package for DOTS Address Insight
Operation: GetAddressInsight
Description: This package installs the DOTSAddressInsight.dll and its dependancies. This library wraps up the API calls to our DOTS Address Insight web service into best practices enforcing the highest uptime solution by implementing failover.
IMPLEMENTATION DETAILS: See the following sections - Standard Implementation
Note: The code being suggested in this file provides one possible solution using this particular service. There are many other possible solutions to using this service which may fit a particular problem . Please contact support@serviceobjects.com for more information.
Date Created: 12/4/2018 Last Modified: 12/4/2018
Modified by: D. Van Lant
WEBSITE http://www.serviceobjects.com
https://www.serviceobjects.com/products/address-geocoding/address-insight
DEVELOPERS GUIDE https://docs.serviceobjects.com/display/devguide/DOTS+Address+Insight+-+US
FREE TRIAL https://www.serviceobjects.com/products/address-geocoding/address-insight
SUPPORT EMAIL support@serviceobjects.com
THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
STANDARD IMPLEMENTATION
Step 1. Get the license key
When the package is installed all the endpoints to the service are added to your Web.config file. There is also an appSetting added in that file as well:
<add key="AINLicenseKey" value="wsXX-XXXX-XXXX"/>
You will need to replace the value attribute with a real trial or live key from Service Objects. A trial key can be obtained from:
https://www.serviceobjects.com/products/address-geocoding/address-insight
In your code behind page you will want to pull the key from your Web.config file with a call like this:
string LicenseKey = ConfigurationManager.AppSettings["AINLicenseKey"];
Step 2. Make the API call
Gather your inout vaiables and use them as parameters in the line below to make thew call to the API operation:
DOTSAddressInsight.AINService.ResponseObject Response = DOTSAddressInsight.DOTSAIN.GetAddressInsight([BusinessName], [Address1], [Address2], [City], [State], [Zip], [TestType], [LicenseKey], [IsLive]);
Replace the parameter values in the square brackets above with your respective input values.
Step 3. Process the Response
Details about what you get back in the response can be found in the developers guide. The link for the guide is given above.
Find the section on the operation "GetAddressInsight". This is the operation this call makes and is the recommended operation for this service. See the developers guide for more information on the types of values that the services return.
FAQs
Unknown package
We found that dotsaddressinsight demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.