Hi All, I'd like to know which kind of security trick do you use to develop CF Application with the Ajax Request to CFCs (for example with jquery request $.get('MyComp.cfc?method=mymethod'))
My doubts are mainly prevent a "cross-site scripting" and to prevent the cfc methods with access=remote could be intercepted when invoked with ajax Request. I red about "verifyClient" in CF8 but i did not understand if it provides for all securities. some links: http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=ajaxdata_11.html#1156357 http://www.coldfusionjedi.com/index.cfm/2007/8/7/More-on-VerifyClient--ColdFusion-8-Ajax-Security-Feature ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:326080 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4