Sure, but I've got to ask: is that a concession to my point? :-) (that not every app that uses CFINPUT validation would be harmed if some bastard removed it?)
This isn't about me winning an argument, by the way. It's just that I can't tell if you're letting it go because you think I can't be convinced (or don't want to belabor the point), or because now that my point is clear, you see it's not so loopy after all. :-) If you'd say it's the former, fair enough, and don't feel compelled to make the point. I'm sure you've plenty busy, and others may feel that the two sides have been represented. This was just another of my counters to the assertion that some less-than-perfect features in CF need to be abandoned by all (CFFORM being among those often named). I just say, that's just not so for everyone. We just need to understand its limitations, and for that I do thank you and others for keeping us in mind of that. /charlie -----Original Message----- From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Dean H. Saxe Sent: Wednesday, March 11, 2009 11:23 AM To: discussion@acfug.org Subject: Re: [ACFUG Discuss] over-stating security concerns? (was RE: ValidateAt parameter is effectively only client side ) Of course there is no disrespect Charlie. I think we all need a big group hug. ;-) Dean H. Saxe, CISSP, CEH ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------