On Mon, Jul 21, 2008 at 10:52 AM, Mischa Uppelschoten ext 10 <[EMAIL PROTECTED]> wrote: > That is a really good question and I'm curious about the input from the group. > Maybe use permissions on a webserver/file level? All legit requests would > be coming from localhost/127.0.0.1/server's IP address, right?
Actually, with AJAX, the requests would be from the browser. You need to remember that access to the CFC files themselves isn't bad. The key is restricting access tot he functions inside them using a security framework. Just like CFM files are accessible on the open internet and secured using CF code inside them, CFCs are no different. -Cameron -- Cameron Childress Sumo Consulting Inc http://www.sumoc.com --- cell: 678.637.5072 aim: cameroncf email: [EMAIL PROTECTED] ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------