Please disregard my last post... I don't why I'm throwing myself into a discussion I don't really have the time to read right now. :) I didn't realize the conv. involved something other than cfhttp as a means of retreiving html / images for the thumbnail.
Isaac www.turnkey.to 954-776-0046 > Dave Watts wrote: >> >> The idea may not be insecure, but the implementation may >> very well be. Given >> similar things I've seen implemented using the IE >> interface, for example, >> his concern seems pretty on-target, since by automating >> IE you could very >> easily get to the filesystem and bypass your normal >> checks against such >> stuff. The fact is, browsers often have security issues, >> and what you're >> talking about - a web thumbnail generator - is, in >> effect, a browser - one >> that's running on your server. Personally, I don't know >> about you, but I >> wouldn't generally recommend the use of IE from a server >> console to browse a >> public internet site. CFHTTP, on the other hand, really >> doesn't pose the >> same sorts of risks, because it doesn't render anything - >> it just fetches. > Thank you Dave. That says it much better than I did. > Jochem > __________________________________________________________ > ____________ > Signup for the Fusion Authority news alert and keep up > with the latest news in ColdFusion and related topics. > http://www.fusionauthority.com/signup.cfm > FAQ: http://www.thenetprofits.co.uk/coldfusion/faq > Archives: > http://www.mail-archive.com/cf-talk@houseoffusion.com/ > Unsubscribe: > http://www.houseoffusion.com/index.cfm?sidebar=lists ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists