Costas Piliotis wrote: > <cfparam name="cgi.http_referer" default=""> > <cfif cgi.http_referer eq ""><cfabort></cfif> at the top. > > Then, in your script, just enter: > <script language="javascript" src="temp.cfm"></script>
Costas Piliotis also wrote: > The only way for one to do this is if they know how to pass their own http > headers. And then they need to know that you're looking at that particular > cgi variable, and they need to know what you're comparing to as well. Too > much trouble for a little piece of javascript IMHO... Sorry if I'm coming late to the party, but you don't need to spoof headers at all. What follows is the high-tech security breaker: <A HREF="temp.cfm">click here to d/l the JS file</A> -- Mosh Teitelbaum evoch, LLC Tel: (301) 942-5378 Fax: (301) 933-3651 Email: [EMAIL PROTECTED] WWW: http://www.evoch.com/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4