I like that solution
>From: "Stephen Moretti" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: CF-Talk <[EMAIL PROTECTED]>
>Subject: RE: URL Hack Fix??
>Date: Mon, 13 Aug 2001 18:15:36 +0100
>
> >
> > another hack question. I've read Don Vawter's website on how to
> > prevent this
> > type of attack. Someone told me at my work that there's an IIS patch
>that
> > prevents this. Is this true? I'm using IIS 4.0 and SQL 7.0 and
> > SQL 2000 for
> > the backend. I want to go back and add these fixes to my CF pages, but
>if
> > there's a patch, I won't need to do it.
> >
>Err no. there isn't a patch against a user changing the contents of a URL
>Query String that is sent to the server.
>
>I wish there was, but I think the only true fix is to find the user and go
>visit him/her with a couple of mates and take a baseball bat to their
>fingers.... ;o)
>
>Regards
>
>Stephen
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
