How about putting it in a WDDX structure, encrypting the structure, then
if you find a fuseaction=decrypt in the query_string you would pull it
out of the WDDX packet?
I found a tag in Developer exchange that encrypts WDDX or objects as
well by ALEX KUZNETSKY that I am looking at right now. . . .to overcome
this limitation, cause I just ran into it.
This should be easy to implement . . . gotta lova all those CF functions
and structures they built for us to use.
McCollough, Alan wrote:
> I looked into this, but the size of a URLEncrypted string grows pretty
> quick. You can quickly hit the 2K limit that some webservers have, to
> prevent buffer overload attacks. Its pretty easy to overload a URL string.
>
>> -----Original Message-----
>> From: Joseph Higgins [SMTP:[EMAIL PROTECTED]]
>> Sent: Tuesday, March 27, 2001 9:32 AM
>> To: Fusebox
>> Subject: FormURL2Attributes
>>
>> Has anyone implemented encrypting the query string and parsing the
>> partially encrypted query_string back into attributes scoped variables
>> in a private version in their Form2URLAttributes. I think this could go
>> along with a security part of the tag for sights that do not need
>> indexing or url hacks.
>>
>> This is what I am thinking, use a custom tag to a cflocate:
>> <cf_urlcrypt
>> in = "fuseaction=members.authenticate&member_id=1">
>>
>> the output would be a string like this:
>> index.cfm?fuseaction=decrypt&M%3BJR%2F%40%2020%2AIZ%26%0A=A
>>
>> Formurl2Attributes would then internally say - hey I need to decrypt
>> this string. I need to lop off the "=A" on the end and
>> "index.cfm?fuseaction=decrypt&" on the front. Then decrypt that value,
>> and parse the url string into attributes scope.
>>
>> I am going to write this today for my own use, and if any of you are
>> willing to share please do, of course it will be a modification to the
>> tag but I will make mine so it will not break.
>>
>> Shawn Regan wrote:
>>
>>> Not sure if I read an email correctly yesterday. But did someone mention
>>
>> the
>>
>>> total rewriting of the FormURL2Attributes.cfm? If so how will this
>>
>> impact
>>
>>> the use of this new FormURL2Attributes.cfm with old fusebox apps? will
>>
>> these
>>
>>> apps need to be redone if we wish to use this new FormURL2Attributes.cfm
>>> with them?
>>>
>>>
>>> Shawn Regan
>>> Applications Developer
>>> Pacific Technology Solutions
>>>
>>>
>>>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
