I was unaware of this particular bug until today.  How can one prevent this
bug from being used on their own code?

Thanks in Advance

Larry Juncker
Senior Cold Fusion Developer
Heartland Communications Group, Inc.


-----Original Message-----
From: Gary McNeel, Jr. [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 19, 2000 10:55 AM
To: CF-Talk
Subject: RE: Danger of the +.htr bug


Absolutely there is a danger. Just off the top of my head I can think of a
few. These may not be best practice but:

1. If you put the username and password in a CFQUERY they can see that (and
anything else).
2. If you just hard code a password or IP range to be blocked, or other
information that should not be seen.
3. If you have a client you do work for THEY have copyright to the code.
They paid for it, it is theirs.
4. Any CF comments become visible. You may be explaining a business process
and it gets read by someone who does not need to know about it.

Because you may have a bunch of people coding, you cannot anticipate what
may or may not be put in the code.

-Gary

> -----Original Message-----
> From: Eric Dawson [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, December 19, 2000 10:15 AM
> To: CF-Talk
> Subject: Re: Danger of the +.htr bug
>
>
> Is there any danger to the +.htr beyond being able to view the source code
> of the site?
>
> ie if you want my source code ... 1.) Why? I don't want it, but am forced to
> code it, and 2.) It might be easier to ask me for it, cause I'll zip up all
> the files and email it to you.
>
> Eric
>
>
> From: "Jamie Keane" <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: CF-Talk <[EMAIL PROTECTED]>
> Subject: Re: Cool CF site - webos.org
> Date: Tue, 19 Dec 2000 08:57:29 -0500
>
> The fact that they don't have the +.htr bug patched.  Veeeeery interesting.
>
> Cheers,
> Jamie
>
> --
> Jamie Keane
> Programmer
> SolutionMasters, Inc.
> 9111 Monroe Rd., Suite 100
> Charlotte, NC  28270
> www.solutionmasters.com
> 704.563.5559 x 228  Voice
> 704.849.9291  Fax
> -----Original Message-----
> From: Gena <[EMAIL PROTECTED]>
> To: CF-Talk <[EMAIL PROTECTED]>
> Date: Monday, December 18, 2000 5:41 PM
> Subject: Re: Cool CF site - webos.org
>
>
>  >Pardon,
>  >
>  >do you mean this web site or my message???
>  >
>  >Regards
>  >
>  >
>  >----- Original Message -----
>  >From: "Jamie Keane" <[EMAIL PROTECTED]>
>  >To: "CF-Talk" <[EMAIL PROTECTED]>
>  >Sent: Tuesday, December 19, 2000 9:20 AM
>  >Subject: Re: Cool CF site - webos.org
>  >
>  >
>  >> *ROFL*
>  >>
>  >> That's the funniest thing I've seen this month!
>  >>
>  >> --
>  >> Jamie Keane
>  >> Programmer
>  >> SolutionMasters, Inc.
>  >> 9111 Monroe Rd., Suite 100
>  >> Charlotte, NC  28270
>  >> www.solutionmasters.com
>  >> 704.563.5559 x 228  Voice
>  >> 704.849.9291  Fax
>  >> -----Original Message-----
>  >> From: Gena <[EMAIL PROTECTED]>
>  >> To: CF-Talk <[EMAIL PROTECTED]>
>  >> Date: Monday, December 18, 2000 4:54 PM
>  >> Subject: Re: Cool CF site - webos.org
>  >>
>  >>
>  >> >And what is cool on this site? I found only one thing - it is possible to
>  >> >get all source code from this URL. It is not cool.
>  >> >
>  >> >----- Original Message -----
>  >> >From: "Eric Fickes" <[EMAIL PROTECTED]>
>  >> >To: "CF-Talk" <[EMAIL PROTECTED]>
>  >> >Sent: Tuesday, December 19, 2000 8:00 AM
>  >> >Subject: Cool CF site - webos.org
>  >> >
>  >> >
>  >> >> Hello all,
>  >> >>
>  >> >> I was wondering if any of you have seen/used www.webos.org yet?  I noticed
>  >> >> that it's using CF, so I was hoping that some of you may have an answer to
>  >> >> my question.  WebOs emulates a desktop, and pops up windows within one large
>  >> >> parent window.  I would love to do this on my inhouse site for navigation
>  >> >> and was wondering if any of you knew how to do this.
>  >> >>
>  >> >> E
>  >> >>
>  >> >>
>  >> >>
>  >> >
>  >>
>  >
>
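
Items 1, 2 and 4 in Gary's list above describe what a source disclosure would reveal, and templates can be audited for exactly those things ahead of time. The following Python is an added example, not part of the thread; the regular expressions, function names and the sample template are constructed for illustration.

```python
import re

# Opening <cfquery ...> tag; the attribute text may span several lines.
CFQUERY_TAG = re.compile(r"<cfquery\b([^>]*)>", re.IGNORECASE)
# username= / password= attributes with a quoted value.
CRED_ATTR = re.compile(r"\b(username|password)\s*=\s*([\"'])(.*?)\2", re.IGNORECASE)
# <cfset somePassword = "literal"> style assignments (name heuristic is an assumption).
CFSET_SECRET = re.compile(
    r"<cfset\s+([\w.]*(?:pass(?:word|wd)?|pwd|secret)[\w.]*)\s*=\s*[\"'][^\"'#]+[\"']",
    re.IGNORECASE)
# CFML comments: <!--- ... --->
CF_COMMENT = re.compile(r"<!---(.*?)--->", re.DOTALL)

def line_of(source, pos):
    """1-based line number of a character offset."""
    return source.count("\n", 0, pos) + 1

def audit_template(source):
    """Return sorted (line, kind, detail) findings; secret values are never echoed."""
    findings = []
    for tag in CFQUERY_TAG.finditer(source):
        for attr in CRED_ATTR.finditer(tag.group(1)):
            value = attr.group(3)
            # A #variable# reference is not a literal credential in this file.
            if value and "#" not in value:
                pos = tag.start(1) + attr.start()
                findings.append((line_of(source, pos), "cfquery-credential",
                                 attr.group(1).lower()))
    for m in CFSET_SECRET.finditer(source):
        findings.append((line_of(source, m.start()), "hardcoded-secret", m.group(1)))
    for m in CF_COMMENT.finditer(source):
        findings.append((line_of(source, m.start()), "cf-comment",
                         " ".join(m.group(1).split())))
    return sorted(findings)

# Constructed sample template, not taken from any real site.
SAMPLE = '''<!--- Billing: orders over 500 skip manual review --->
<cfset adminPassword = "constructed-value">
<cfquery name="getOrders" datasource="orders"
         username="appuser" password="constructed-pw">
  SELECT id FROM orders
</cfquery>
<cfquery name="safe" datasource="orders" username="#request.dbUser#">
  SELECT 1
</cfquery>
'''

if __name__ == "__main__":
    for line, kind, detail in audit_template(SAMPLE):
        print(f"line {line}: {kind}: {detail}")
```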

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/