Robertson-Ravo, Neil (RX) wrote:
> What is the security risk? Many hands make light work...

Basically, in CFAJAX 1.3, if you pass a string argument to a function, 
and your string argument contains #-escaped CFML code, the CFML executes 
on the server.

In my example, if you typed #Now()# into the chat room, CFAJAX actually 
would process that and THEN pass the results to whatever function you're 
calling on the server.

We're discussing it on the ajax list right now =)

But the chat room is back online.

http://www.opensourcecf.com/chat

Rick
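
A detection sketch for the behaviour described above, added here as an example and not part of the original message or of CFAJAX: it flags URL-encoded request parameters that carry CFML `#...#` expressions. The parameter names and the sample request bodies are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Anything between two pound signs is a candidate CFML expression.
POUND_EXPR = re.compile(r"#[^#\r\n]+#")

def find_pound_expressions(value):
    """Return #...# spans in one decoded parameter value."""
    # "##" is CFML's escape for a literal pound sign, so drop it first.
    return POUND_EXPR.findall(value.replace("##", ""))

def scan_params(encoded):
    """Map parameter name -> pound expressions, for a URL-encoded
    query string or form body."""
    hits = {}
    for name, value in parse_qsl(encoded, keep_blank_values=True):
        found = find_pound_expressions(value)
        if found:
            hits.setdefault(name, []).extend(found)
    return hits

# Constructed sample request bodies (parameter names are hypothetical).
SAMPLES = [
    "room=main&msg=hello+everyone",
    "room=main&msg=%23Now()%23",
    "room=main&msg=issue+%2342+is+fixed",
    "room=main&msg=50%23%23+off+today",
    "room=main&msg=hi+%23DateFormat(Now())%23+there",
]

def flagged(samples):
    """Return (index, hits) for every sample that carries an expression."""
    return [(i, h) for i, s in enumerate(samples) if (h := scan_params(s))]

if __name__ == "__main__":
    for index, hits in flagged(SAMPLES):
        print(index, hits)
```

This is a heuristic: a message containing two unrelated literal pound signs is also flagged, so treat hits as items to review.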

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:232440
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4