Validate all fields, then it shouldn't matter if the form was your own or
someone else's.
Jim
----- Original Message -----
From: "Greg Wolfinger" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Friday, February 23, 2001 12:54 PM
Subject: preventing hacked forms
> Hey Guys:
>
> I was wondering what the best method is to confirm that the form variable
that are submitted were from a page from the server and not some hacker
downloading the source and changing stuff. I know you can use
CGI.HTTP_REFERER, however this is not always passed by all browsers. Any
Ideas.
>
> Thanx
>
> --=@ greg @=--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
