Re: Session vars and IFRAME
> phil williams wrote: > > > > Any ideas however on how to tackle the session vars problem would be > greatly appreciated! ;-) > > What does LiveHTTPHeaders tell you? If you need help decrypting > the headers just send the log to the list. > Jochem OK this has totally freaked me out now. The damn app just decided to strat working! I tested it with Firefox and the session vars were being kept. I then tested with IE and it still worked... I powered down my machine, unplugged it and threw it in the car, drove round the block for time, plugged it back in and the damn thing still worked! :-) I'm really not sure why this has suddenly decided to play nioce when I didn't change a thing but thanks anyway for everyone fixing my app via brainwaves! ~| Special thanks to the CF Community Suite Gold Sponsor - CFHosting.net http://www.cfhosting.net Message: http://www.houseoffusion.com/lists.cfm/link=i:4:183751 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
Re: Session vars and IFRAME
>Jochem ofcourse refers to the buffer overflow vulnerability found in >Iframes :) And yes, it is a vulnerability but still I believe you must >take those not to seriously. Software always contains bugs, IE contains >them, FireFox contains them, Safari contains them, Opera contains them, >etc.etc. We can't browse with a piece of paper and a pencil, or clear >our apps from everything coming out as vulnerable. If that is the case >we all should stop writing for browsers .. ;) > >Micha Schopman >Software Engineer > >Modern Media, Databankweg 12 M, 3821 AL Amersfoort >Tel 033-4535377, Fax 033-4535388 >KvK Amersfoort 39081679, Rabo 39.48.05.380 I really appreciate the discussion this has spawned on the use of IFRAMEs but it won't be an issue in this case as all the resellers are invited guests so the security implications are minimal. Any ideas however on how to tackle the session vars problem would be greatly appreciated! ;-) ~| Special thanks to the CF Community Suite Gold Sponsor - CFHosting.net http://www.cfhosting.net Message: http://www.houseoffusion.com/lists.cfm/link=i:4:183726 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
Re: Session vars and IFRAME
>Are both locations in the same domain? > >Micha Schopman >Software Engineer > >Modern Media, Databankweg 12 M, 3821 AL Amersfoort >Tel 033-4535377, Fax 033-4535388 >KvK Amersfoort 39081679, Rabo 39.48.05.380 The data is being drawn from a dedicated IP address as opposed to a domain. There is an application.cfm file in there to retail the vars ~| Special thanks to the CF Community Suite Gold Sponsor - CFHosting.net http://www.cfhosting.net Message: http://www.houseoffusion.com/lists.cfm/link=i:4:183709 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
Session vars and IFRAME
Hi, I am developing an app for a local printing firm allowing them to resell their products through a range of resellers sites. The way I'm doing it is to use an IFRAME to pull in the menus and products direct from the clients site. The problem I have is that the IFRAME is not saving session variables which causes big problems as the cart cannot be retained, logins, etc. It looks like to me that when you refresh the main IFRAME pane, the CFID is being regenerated each time thus clearing the vars. My question is is this the best way forward? Why are the session vars not being kept? How do I get them to stay? Why is the sky blue! ;-) TIA! ~| Special thanks to the CF Community Suite Gold Sponsor - CFHosting.net http://www.cfhosting.net Message: http://www.houseoffusion.com/lists.cfm/link=i:4:183694 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
Re: CFPOP Issues
> >If you're running on Windows, you could try CFX_POP3. If you want to > try > >before you buy, then contact me offlist! > > > >Paul > > Already got that tag installed on the server. If I could understand > what is actually causing the error then I could advise the customer. > Could it be down to not using CFLOCK perhaps? Sorry just reread your message. Great tag btw, I'm using it to build a full webmail client... :-) [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Re: CFPOP Issues
>If you're running on Windows, you could try CFX_POP3. If you want to try >before you buy, then contact me offlist! > >Paul Already got that tag installed on the server. If I could understand what is actually causing the error then I could advise the customer. Could it be down to not using CFLOCK perhaps? [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
CFPOP Issues
Hi, One of my hosting clients is having an issue withn CFPOP and I'm not sure how to advise him: "I have been accessing the emails coming into my main account ([EMAIL PROTECTED]) for some time now, using CFPOP as it is a requirement for a process within my application. For a time I was getting in ok, but then I started receiving the following message: java.lang.IllegalStateException: Folder is not Open I did some research into this error and discovered that in J2EE applications it sometimes occurs when trying to access the mail server via a proxy and not directly - the mail body retrieval eg: action="" out if you have just asked for the email header in the preceding request. The problem seems to have degenrated even further now, and I can't gain access to my mail box via CFPOP anymore at all, it just hangs and eventually reports the same "folder not open" message (even though I'm only trying to get the first 10 emails)." Any ideas? [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Re: Problem with sending XML through local socket
Problem resolved. There was an inconsistency with the cert which was causing the post action to time out. Many thanks to Dick for his offer of support off-list... >http://www.securetrading.com/download/xpay/XPayAPI.pdf > >They don't give an example for CF and the API is a bit thin as well I'm afraid... > >>> [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Re: Problem with sending XML through local socket
http://www.securetrading.com/download/xpay/XPayAPI.pdf They don't give an example for CF and the API is a bit thin as well I'm afraid... >Is the API manual available online? > >If not, could you post the CF example they give? > >Dick > >On Aug 28, 2004, at 6:24 AM, phil williams wrote: > >> [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Re: Problem with sending XML through local socket
Hi Dick the API is running as I was able to send a test transaction using their Java code. In their API manual they do recommend using the CFHTTP methofd to post the xml but the use CGI within the CFHTTPPARAM tag not xml. This gave me an error so I changed it... >On closer examination, The Test.java program you provided, is just an >example of how to call the ST interface from Java -- the equivalent to >what you are doing in your CF program. > >There is another program provided by ST that listens on socket 5000 for >a request from either of the above and sends that to ST for >authorization. This program is called the XPay API (or somesuch). > >The problem you are experiencing (timeout) in your CF program is >because the XPay API is not running (listening for your requests) > >HTH > >Dick [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Re: Problem with sending XML through local socket
I am using post to send the XML through cfhttp. The three test files are: >1) Your test certificate file Sorry but this contains sensitive data. All it simply is is a pem file and would not be causing the timeout error. >2) the test.xml file 5000 GBP Merchant Sitereference 1 Mr. Joe A. Bloggs CEng. Test Company 789 High Street Bangor Gwynedd LL45 6DF UK 11 [EMAIL PROTECTED] VISA 4111 123 02/08 Order0001 This is a test order 123456789 Somewhere Else >3) the sendPayment.xml example Thius is identiacal to the above. I would prefer to use CF to send the dat rather than Java as my Java programming ability is approximately zero! ;-) [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Problem with sending XML through local socket
OK I have been implementing the Secure Trading socket, http://www.securetrading.com , for an online store that I am developing for a client and have hit a snag. The system uses a Java file to connect through the localhost on port 5000 to send the data to ST for processing in XML format. A XML response is then returned. Their example using Java to send the XML is fine but my ColdFusion code is getting a time out ewrror. Heres the code Im using:
Its simply reading the xml file and sending it with cfhttp. Their Java code is like this:
/
* SECURETRADING Merchant Software
*
* Sample Java XPay script
*
* Description:
* Reads an XML string in from a file (representing a merchant's own script)
* and then open a socket, writing the XML string to the XPay API.
* The certificate is read in and replaced in the XML string
* To run this file ensure that test.xml resides in the same directory as
* this file
*
* Version 2.2
*
* Last modified: 25/02/2002
*
* Copyright (C) 2002 SECURETRADING All rights reserved.
*
* This software is for informational purposes only.
* SECURETRADING make no warranties, express or implied, through the
* distribution of this example.
*
* SECURETRADING
* http://www.securetrading.com
* Tel (+44) 01248 672 050
* Email [EMAIL PROTECTED]
*
* You may only modify or use this script for the purpose of
* authorised access to the SECURETRADING Payment Gateway Network
* in accordance with your SECURETRADING Agreement.
*
*/
import java.net.*;
import java.io.*;
public class Test
{
public static void main(String[] args) throws Exception
{
// First get the location of the certificate file from the command line
System.out.println("** Note: When using live certificates, they should be kept in secure place on your server **\n");
String filename;
try
{
filename = args[0];
}
catch (Exception e)
{
System.out.println("Certificate Filename Error\n");
System.out.println("Incorrect or no certificate filename specified");
System.out.println("Include the certificate filename when running this example :");
System.out.println("java Test mycert.pem\n");
System.out.println();
throw new Exception("Certificate filename not specified");
}
// Use the given filename to read in the certificate details and then combine them with the XML from test.xml
try
{
// Read in the certificate
String certificate = Test.readFile(filename);
// As an example, send the XML string which is in the example test.xml file
// This string could normally be created by XML Parsers or other such objects
String xml = Test.readFile("test.xml");
// Combine the xml with the certificate
xml = Test.replace(xml, certificate);
// Connect to the XPay client which runs on this computer
System.out.println("Please wait while the transaction is authorised...");
String host = "127.0.0.1";
int port = 5000;
Socket sock = new Socket(host, port);
// Get the relevant streams to the socket
InputStreamReader ir = new InputStreamReader(sock.getInputStream());
BufferedReader in = new BufferedReader(ir);
OutputStreamWriter or = new OutputStreamWriter(sock.getOutputStream());
BufferedWriter out = new BufferedWriter(or);
// Send the actual xml string representing a transaction
out.write(xml);
out.flush();
// Receive the resulting XML response for this transaction
// Wait until the result is ready
// Now there is something ready to receive in the socket stream
String inputLine, result = "";
while( (inputLine = in.readLine()) != null )
result+=inputLine+"\n";
// Print the result. This could be parsed into any data structure
System.out.println(result);
}
catch (Exception e)
{
System.out.println("Error");
System.out.println(e.getMessage());
}
}
// Read in a file and returns the contents
private static String readFile(String filename) throws IOException, FileNotFoundException
{
System.out.println("Reading from file: "+filename);
BufferedReader input = new BufferedReader(new InputStreamReader(new FileInputStream(filename)));
String text="";
while (input.ready())
{
text += (char)input.read();
}
return text;
}
// In the XML add the certificate between the tags.
private static String replace(String xml, String certificate)
{
int fio = xml.lastIndexOf("")+13; // Add the length of the tag in order to point to the index of the end
int lio = xml.lastIndexOf("");
String result = xml.substring(0,fio)+certificate+xml.substring(lio,xml.length());
return result;
}
}
// END OF PROGRAM //
My question is is there anything wrong with my code or can I adapt their script to send the request as CF is Java based?
Thanks in advance
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
