"Security Don't use hidden fields to pass any sensitive or important variable (e.g., "price" or a limitation on record set returns). While it's less of a problem with ColdFusion, it takes seconds to hack a page written in Perl or any CGI/server-side language that passes hidden form field variables. (Hacking 101: simply save the page source as an htm file, change the hidden variable to a price or limitation you like better, and pass your new local page to the absolute URL of the processing page."
How does one pass a local page to the absolute URL of the processing page? -----Original Message----- From: Harkins,Patrick [mailto:HarkinPA@;MapleLeaf.ca] Sent: Thursday, October 17, 2002 1:36 PM To: CF-Community Subject: RE: Big "dummy" flags here is a link to a little article, that may be of some use... http://www.biztool.com/magazines/cf_devop/archives/0302/hewitt/ Patrick > -----Original Message----- > From: Kevin Schmidt [mailto:schmidt@;hungrycow.com] > Sent: Thursday, October 17, 2002 1:17 PM > To: CF-Community > Subject: Re: Big "dummy" flags > > > Candace, > > I always wonder when I see pound signs where they aren't > needed and don't > belong. > > Kevin > > ----- Original Message ----- > From: "Candace Cottrell" <[EMAIL PROTECTED]> > To: "CF-Community" <[EMAIL PROTECTED]> > Sent: Thursday, October 17, 2002 11:48 AM > Subject: Big "dummy" flags > > > > As you all probably know, I am fairly new to CF. > > > > So, I have a client who wants to see a code sample. Are > there any "what > > a big dummy" flags in cf code that would cause the person to cringe? > > > > TIA > > > > Candace K. Cottrell, Web Developer > > The Children's Medical Center > > One Children's Plaza > > Dayton, OH 45404 > > 937-641-4293 > > http://www.childrensdayton.org > > > > > > [EMAIL PROTECTED] > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=5 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_community This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.
