I rather assumed the caveat of the short url not being related to security... That is -- all the normal rules of security apply, and the short url does not _help_ you secure the site -- it actually doesn't really hurt in any way either, because if the short url can get someone to a place they're not supposed to be, then there is by definition, a pre-existing security error that should be fixed. Security itself should always be as close to the secured data / resources as possible. If the secured data is an individual page, security should ensure that nobody who's unauthorized for that page sees that page from that page, not for instance by removing links from other pages. This is a reasonably common mistake -- people try to secure a page by removing a link from other page(s) and someone who at one point was authorized to see the page, but is no longer authorized can still get access to it regardless by using a bookmark or typing in a url they remember.
Isaac Certified Advanced ColdFusion 5 Developer www.turnkey.to 954-776-0046 > It should just be noted that this can be a HUGE security > risk. Anyone who > wants to could then type in http://shorturl.com/?12345 and > potentially see > data they're not supposed to see. Just make sure you have > other security > checks in place. > -- > Mosh Teitelbaum > evoch, LLC > Tel: (301) 625-9191 > Fax: (301) 933-3651 > Email: [EMAIL PROTECTED] > WWW: http://www.evoch.com/ >> -----Original Message----- >> From: S. Isaac Dealey [mailto:info@;turnkey.to] >> Sent: Tuesday, October 29, 2002 2:20 PM >> To: CF-Talk >> Subject: Re: Shorter urls? >> >> >> You can create your parameters as a list or string and >> pass them >> as a single >> query string: >> >> http://www.site.com?detail,108,492 >> >> then use the list or the string to generate your >> variables for a >> a redirect: >> >> <cflocation >> url="index.cfm?fuseaction=#listfirst(cgi.query_string)#&c >> atid=#l >> istgetat(cgi.query_string,2)#&productid=#listgetat(cgi.qu >> ery_string)#"> >> >> Essentially, url-shorteners always work by condensing the >> url >> parameters and >> removing the &varname= portions of the query string and >> parsing the data >> manually. I've seen at least one web-site that offers a >> url-shortening >> service as an asp where you provide a long url and they >> enter it into a db >> and provide you with something like >> http://shorturl.com?3596 ... >> Which could >> always be done internally... >> >> Isaac >> Certified Advanced ColdFusion 5 Developer >> >> www.turnkey.to >> 954-776-0046 >> >> > Hi all, >> >> > I've searched the devcenter, google, etc. but can't >> > seem >> > to find any >> > discussion of how to generate shorter URL strings. I >> > want >> > to take: >> >> > http://www.site.com?action=blah&brand=1&name=blahblah&;. >> > ... >> >> > And convert it to >> >> > http://www.site.com/asdfwer234123 >> >> > I've seen it done but just can't remember where. Can >> > someone send me a url? >> >> > Thanks in advance, >> >> > Ian >> > -- >> > Portent Interactive >> > Effective web sites through Conversation Marketing >> > http://www.portentinteractive.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.
