Hey folks, I just wanted to report back that my client who was all worried about ColdFusion, and was considering shutting down the entire project and re-writing it in Java (on the recommendation of their in-house Java Developers) has seen the light (thanks, in no small part, to you guys).
I really appreciate the volume and quality of the responses from both CFTalk and my local CFUG. It looks like we'll get to keep this client after all! :o) +1 for ColdFusion!!! -Chris On 9/26/07, Andy <[EMAIL PROTECTED]> wrote: > > Thanks. Are there any programs out there that can check for some of these > vulnerabilities? > > -----Original Message----- > From: gary gilbert [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 26, 2007 7:32 AM > To: CF-Talk > Subject: Re: Security Questions > > Andy, > > XXS means cross-site-scripting. You should check out this > http://de.wikipedia.org/wiki/Cross-Site_Scripting entry in > wikipedia. There > are a number of cf functions floating around that have been written to > help > prevent this exploit as well as coding practices. > > > -- > Gary Gilbert > http://www.garyrgilbert.com/blog > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:289530 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
