> A CF application I'm planning is designed to make extensive
> use of CFCACHE to improve performance. Recently I heard that
> there may be some security implications if this tag is used.
>
> Has anyone had any bad experiences with CFCACHE in a security
> context? Any other problems?
There are some potential security concerns, but you can avoid them with
proper CFCACHE use.
By default, cached output is stored in the same directory as the script from
which it's generated. You can change this by setting the CACHEDIRECTORY
attribute, so that cached output is stored in a non-web-accessible
directory.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
