actually, use the ADDTOKEN="NO" attribute of CFLOCATION.
chris olive, cio
cresco technologies
[EMAIL PROTECTED]
http://www.crescotech.com
-----Original Message-----
From: W Luke [mailto:[EMAIL PROTECTED]]
Sent: Saturday, November 18, 2000 8:03 AM
To: CF-Talk
Cc: [EMAIL PROTECTED]
Subject: Re: HTTP Referrer
> Will,
>
> Use the variable CGI.http_referer (ie
> <cfoutput>#cgi.http_referer#</cfoutput> )
>
> Remember this won't work if the user typed the address in the URL bar
rather
> than clicking a link...
>
> Ed Zahurack believes this to a security hole - depends what you are using
it
> for IMO, go see:
>
>
http://forums.allaire.com/devconf/Thread.cfm?&Message_ID=186738&_#Message186
> 738
Thanks Rich I'll take a look. I note that <Cflocation> also appends the
CFID and CFTOKEN to the URL once the new location has been loaded, which I
didn't realise it did - unfortunately there doesn't seem a way round it.
> Its also not wise to rely on it - some proxy servers (and webservers?)
strip
> it out as an option.
> Make sure you have error handling in place and you should be fine :)
Will do, cheers for the tip. It seems to work really well - I had
previously tried the normal Javascript "Onload" function, but ran into
problems. Fingers crossed this time.
Cheers,
Will
--
Coming soon: http://www.LocalBounty.com
Local Classified Advertising for the UK
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
