re: the thread
There are a number of ways around the hack the guy is screaming about (ie.
cookies, checking to see the request was http, and from within it's domain,
etc).
John
----- Original Message -----
From: "Rich Wild" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Saturday, November 18, 2000 8:30 AM
Subject: RE: HTTP Referrer
> Will,
>
> Use the variable CGI.http_referer (ie
> <cfoutput>#cgi.http_referer#</cfoutput> )
>
> Remember this won't work if the user typed the address in the URL bar
rather
> than clicking a link...
>
> Ed Zahurack believes this to a security hole - depends what you are using
it
> for IMO, go see:
>
>
http://forums.allaire.com/devconf/Thread.cfm?&Message_ID=186738&_#Message186
> 738
>
> Its also not wise to rely on it - some proxy servers (and webservers?)
strip
> it out as an option.
> Make sure you have error handling in place and you should be fine :)
>
>
> -------------------------------------------------------
> Rich Wild
> Senior Web Designer
>
> -------------------------------------------------------
> e-mango.com ltd Tel: 01202 587 400
> Lansdowne Place Fax: 01202 587 401
> 17 Holdenhurst Road
> Bournemouth Mailto:[EMAIL PROTECTED]
> BH8 8EW, UK http://www.e-mango.com
> -------------------------------------------------------
> This message may contain information which is legally
> privileged and/or confidential. If you are not the
> intended recipient, you are hereby notified that any
> unauthorised disclosure, copying, distribution or use
> of this information is strictly prohibited. Such
> notification notwithstanding, any comments, opinions,
> information or conclusions expressed in this message
> are those of the originator, not of e-mango.com ltd,
> unless otherwise explicitly and independently indicated
> by an authorised representative of e-mango.com ltd.
> -------------------------------------------------------
>
>
>
>
> > -----Original Message-----
> > From: W Luke [mailto:[EMAIL PROTECTED]]
> > Sent: 18 November 2000 12:11
> > To: CF-Talk
> > Subject: HTTP Referrer
> >
> >
> > Hi,
> >
> > How can I get the HTTP referrer URL in CF? I'd like to do a
> > <cflocation>
> > and make the URL the referrer, to take users back to where
> > they were trying
> > to go once logged in.
> >
> > Cheers,
> >
> > Will
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > Structure your ColdFusion code with Fusebox. Get the official
> > book at http://www.fusionauthority.com/bkinfo.cfm
> >
> > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> > Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
> >
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
>
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
