Costas Piliotis wrote:
> <cfparam name="cgi.http_referer" default="">
> <cfif cgi.http_referer eq ""><cfabort></cfif> at the top.
>
> Then, in your script, just enter:
> <script language="javascript" src="temp.cfm"></script>
Costas Piliotis also wrote:
> The only way for one to do this is if they know how to pass their own http
> headers. And then they need to know that you're looking at that
particular
> cgi variable, and they need to know what you're comparing to as well. Too
> much trouble for a little piece of javascript IMHO...
Sorry if I'm coming late to the party, but you don't need to spoof headers
at all. What follows is the high-tech security breaker:
<A HREF="temp.cfm">click here to d/l the JS file</A>
--
Mosh Teitelbaum
evoch, LLC
Tel: (301) 942-5378
Fax: (301) 933-3651
Email: [EMAIL PROTECTED]
WWW: http://www.evoch.com/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
This list and all House of Fusion resources hosted by CFHosting.com. The place for
dependable ColdFusion Hosting.
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
