Re: Free BlueDragon?

2008-08-16 Thread James Holmes
JRun Webserver is a webserver. You are talking about the JRun application server. The first is part of the second; JWS is only good for serving web pages and has none of the functionality a production webserver needs (like security, URL rewriting etc). On Sat, Aug 16, 2008 at 12:15 PM, Andrew

Re: Testing for existence of Java library?

2008-08-16 Thread James Holmes
Not when someone asks a Java question and not a JavaScript question. On Sat, Aug 16, 2008 at 12:21 PM, Andrew Scott [EMAIL PROTECTED] wrote: I don't know but maybe something like this Try { Var test = new Ext.GridPane(); } catch (e) { // Library not found } I suppose you

RE: Testing for existence of Java library?

2008-08-16 Thread Andrew Scott
Pseudo code dude.. The solution is the same is it not? -- Senior Coldfusion Developer Aegeon Pty. Ltd. www.aegeon.com.au Phone: +613 9015 8628 Mobile: 0404 998 273 -Original Message- From: James Holmes [mailto:[EMAIL PROTECTED] Sent: Saturday, 16 August 2008 4:08 PM To: CF-Talk

RE: Free BlueDragon?

2008-08-16 Thread Andrew Scott
There is no such thing as Jrun webserver, where did you get that information? Jrun was and has always been released in one version, JRun Application Server. I would love to know where you get your information, after 13 years developing Coldfusion I have never in my life been introduced to Jrun

RE: CF app server compilation on demand

2008-08-16 Thread Andrew Scott
As far as I am concerned, Adobe should NOT charge for the actual engine and it should be adopted to support plugins. This would allow for an overall committee to emerge for the standardisation of the engine itself across all flavours of open source engines, Adobe could then use the plugin

Re: SQL injection attack on House of Fusion

2008-08-16 Thread denstar
On Fri, Aug 15, 2008 at 10:58 PM, Mark Mandel wrote: What I'm curious about, is that there seems to be no one you can report this to? Well, I'm pretty sure there is something we could do, but the general attitude seems to be to just suck it up. And buy some stocks in the tech

Re: SQL injection attack on House of Fusion

2008-08-16 Thread mac jordan
On Fri, Aug 15, 2008 at 11:56 PM, Brad Wood [EMAIL PROTECTED] wrote: They completely stopped on the 11th, but they are back today spelling it like DeCLARE. We're seeing the same - we're using RegExp to pick 'em up now. -- mac jordan www.webhorus.net | www.reactivecooking.com |

Re: Free BlueDragon?

2008-08-16 Thread James Holmes
Oh dear. The JRun webserver is the inbuilt webserver that, if enabled, allows JRun to serve web requests instead of using Apache or another server. It's the same webserver that runs on port 8500 in standalone mode. It's the JWS mentioned in articles like:

Re: SVN in Production

2008-08-16 Thread Dominic Watson
Andrew, your initial point (that you made redundantly clear by way of caps and repetition) was to never use subversion to move code to production. You then make your detailed case that demonstrates your reasons not to. I agree, in your situation you would not do so. But I fail to see how you can

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Jochem van Dieten
Mark Mandel wrote: What I'm curious about, is that there seems to be no one you can report this to? You can report it to the abuse department of the ISP of the originating IP. Just look up the IP delegation and the abuse address is usually right there. Jochem

RE: SVN in Production

2008-08-16 Thread Andrew Scott
Ok, As you directed the response to me 1) I am not worried about what you think, the reason being is that I have clearly stated that on a few occasions everyone is different. 2) Even when I did Coldfusion development full time, I had one client that asked us to quote a job. This job

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
LOL... Ever heard of IP spoofing? Sure you need to complain about it, but the one thing they need to do is track the packets. This will only work if all paths along the way, have log capturing to traverse the mac address to get the correct IP address. But yes start with your IP, give them as

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Jochem van Dieten
Andrew Scott wrote: Ever heard of IP spoofing? Sure you need to complain about it, but the one thing they need to do is track the packets. IP spoofing is really only a significant problem with UDP. With TCP any decent ISP will catch spoofs in their egress filters. Even your cheap, Taiwanese

Re: SVN in Production

2008-08-16 Thread Dominic Watson
1) I am not worried about what you think, the reason being is that I have clearly stated that on a few occasions everyone is different. Neither me you. You have clearly stated that everyone is different but that no one should ever use SVN in production. I would like to know the concrete reasons

Re: MIVA

2008-08-16 Thread Steve Bryant
Thanks for all of the input. It really is helpful.

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Hmmm, I believe IP spoofing is still a huge problem. I know little about it, so no more comment on that but a quick google shows that it is still a huge problem. As for polymorphic functions, that is not the issue. SQL injection is mainly passed via the URL, header or some form of post to the

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Jochem van Dieten
Andrew Scott wrote: I believe IP spoofing is still a huge problem. I know little about it, so no more comment on that but a quick google shows that it is still a huge problem. AIDS is a huge problem too. It is also about equally relevant for the current wave of SQL injection attacks. As

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Claude Schneegans
they are back. Yeah, here too. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks.

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Hmm, I wasn't trying to compare ColdFusion to Grails, I used grails as an example because it relies heavily on an ORM. The ORM has the needed datatypes for the DB (or bind / prepared Statements), but when it comes to SQL injection, it doesn't appear to be an issue. Please read what I said, I

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
-- Senior Coldfusion Developer Aegeon Pty. Ltd. www.aegeon.com.au Phone: +613 9015 8628 Mobile: 0404 998 273 And you haven't seen grails then, you can't get any more of a dynamic language than that:-) It uses GORM, which is an entry point to hibernate and guess what it takes care of everything I

Re: SQL injection attack on House of Fusion

2008-08-16 Thread denstar
On Sat, Aug 16, 2008 at 6:15 AM, Jochem van Dieten wrote: Andrew Scott wrote: Ever heard of IP spoofing? Sure you need to complain about it, but the one thing they need to do is track the packets. IP spoofing is really only a significant problem with UDP. With TCP any decent ISP will catch

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Actually, That should have been the reverse on URL filtering:-( In other words, I should or could write a filter to do the checking of SQL injections. Sorry my bad there. But it is only one way to do it. Anyway as I do grails work I dug this link up for you all...

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Jochem van Dieten
Andrew Scott wrote: I stand by the fact that cfqueryparam, can and should be taken care of under the hood. Other languages are doing it, so what does that tell you? It tells me that they need additional configuration or convention. I have 2 functions with the following signatures in my

Re: SQL injection attack on House of Fusion

2008-08-16 Thread James Holmes
You'll be happy to know that CF9 is rumoured to include Hibernate with a corresponding set of tags, so CF should indeed be able to deal with this under the hood. On Sat, Aug 16, 2008 at 11:12 PM, Andrew Scott [EMAIL PROTECTED] wrote: -- Senior Coldfusion Developer Aegeon Pty. Ltd.

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Have you ever done any GORM work? Now technically embedding hibernate into ColdFusion would technically be under the hood as far as ColdFusion is concerned. I mean, I might as well by your reasoning say that ajaxUI is not under the hood in ColdFusion because it uses a 3rd party library to do its

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Man, you're about 6 months late with that news -- Senior Coldfusion Developer Aegeon Pty. Ltd. www.aegeon.com.au Phone: +613 9015 8628 Mobile: 0404 998 273 -Original Message- From: James Holmes [mailto:[EMAIL PROTECTED] Sent: Sunday, 17 August 2008 1:35 AM To: CF-Talk Subject:

Announcement: CF8 Exam Buster released for ColdFusion 8 certification

2008-08-16 Thread Brian Simmons
CF8 Exam Buster from CentraSoft (http://centrasoft.com) CF8 Exam Buster is the ultimate testing tool specifically designed to help ColdFusion developers earn their Adobe ColdFusion 8 Certification through the Adobe Certified Professional Program. CF8 Exam Buster has 384 questions designed to

Re: SQL injection attack on House of Fusion

2008-08-16 Thread David Moore
Sorry for the problems with the House of Fusion site. We've been under massive attack by sql injection bots and I've just been able to get a handle on it. A fast solution to the problem is this: <cfif findnocase(';DECLARE', cgi.query_string)><cfabort></cfif> It works unless you have a few hundred attacks

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Brad Wood
I haven't mentioned this before because I do believe that filtering request URLs is the wrong approach Care to elaborate on this? Denstar, dig out your neo-security.xml file. In my Windows CF8 standalone install it is located in C:\ColdFusion8\lib\neo-security.xml Look at the following

Re: SQL injection attack on House of Fusion

2008-08-16 Thread David Moore
I am new to the post, but I have been programming in CF for over 10 years and know some of you from the CF Forums. I am getting slammed with this crud as well on over 30 of my websites. Any suggestions as how to handle this for multiple sites on 1 server? I just discovered the issue as it

Re: Testing for existence of Java library?

2008-08-16 Thread denstar
On Fri, Aug 15, 2008 at 3:21 PM, Barney Boisvert wrote: You could attempt to load one of its classes and catch the resulting exception if it's missing. Based on whether that exception is raised you'll know whether it's available. Yes, that sounds like a good way to do it. FWIW, when I've

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Dominic Watson
I can't vouch for php, .Net but at least in the Java world ORM reduces that risk to nil. And it's built into the ORM, so if the ORM can't work out your polymorphic function in the database then how does it do it? php is as ColdFusion and Java; you can use a plain query string or use a parameterised

Re: SQL injection attack on House of Fusion

2008-08-16 Thread Dominic Watson
I am new to the post, but I have been programming in CF for over 10 years and know some of you from the CF Forums. I am getting slammed with this crud as well on over 30 of my websites. Any suggestions as how to handle this for multiple sites on 1 server? I just discovered the issue as it

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Mark Kruger
David, As a stop gap while in full force you could use the ISAPI filtering technique or apache rewrite. This would keep it from reaching CF. Of course that still might mean changing for every site in your pool of sites. I have a post on it... The comments are pretty useful as well:

Re: SQL injection attack on House of Fusion

2008-08-16 Thread David Moore
I haven't mentioned this before because I do believe that filtering request URLs is the wrong approach Care to elaborate on this? Denstar, dig out your neo-security.xml file. In my Windows CF8 standalone install it is located in C:\ColdFusion8\lib\neo-security.xml Look at the following

RE: Announcement: CF8 Exam Buster released for ColdFusion 8 certification

2008-08-16 Thread Dave Phillips
Read what people are saying about the Exam Buster product on our testimonials page (some early CF8 comments are already on there): Just wanted to throw in my two cents that Exam Buster helped me prepare for my MX 7 developer exam, and I aced it with a 97% and earned the Advanced MX 7 Developer

Re: MIVA

2008-08-16 Thread Crow T. Robot
This reminds me of a great Homer-ism: The internet...is that thing still around? But seriously, Miva is *ancient* software IMO. I was using it 8 years ago a LOT when I first got into the biz, and it was really robust, but really really rigid. You couldn't do anything without the help of a

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Rick Faircloth
Man... at this point, after reading about all of these problems with SQL injection, and having been told that it doesn't concern MySQL, I'm glad I'm using MySQL. This would be one big, time-consuming headache, otherwise. I'm a solo developer and can use whatever DB I prefer, but I realize some

Re: Announcement: CF8 Exam Buster released for ColdFusion 8 certification

2008-08-16 Thread J.J. Merrick
Ditto! It was the one thing that allowed me to pass with a 91% to get advanced. I haven't even thought about taking the CF8 exam until Exam Buster was out. J.J. On Sat, Aug 16, 2008 at 11:45 AM, Dave Phillips [EMAIL PROTECTED] wrote: Read what people are saying about the Exam Buster product

Re: CF app server compilation on demand

2008-08-16 Thread Don L
Well, I think we're in general agreement that Adobe should re-consider the architecture of the cf8 product which would make it much more flexible, hence, more options/opportunities for all (provider itself = Adobe, and a broad range of developers... etc. etc.). Also, along this line of

Re: SQL injection attack on House of Fusion

2008-08-16 Thread denstar
I'm doing the request filtering in apache so that it never even bothers my CF engine with the request, but I was wondering if Jochem didn't like the filtering for a reason. I wouldn't rely on it alone in any way, shape or form, but just cutting down on the spam hits on the application seems like

Hibernate (was: annotations?)

2008-08-16 Thread denstar
On Sat, Aug 16, 2008 at 10:28 AM, Dominic Watson wrote: [...] A question for anyone who knows hibernate then; does it require configuration per database, rely on convention or does it query the schema to generate its mappings automatically? You can do it however you want it, man! It'll

Re: Hibernate (was: annotations?)

2008-08-16 Thread Dominic Watson
Sounds awesome ;) So in theory, CF could use Hibernate (when it releases that stuff in 9) to automatically parameterise a query, with no extra work from the developer, ie. the developer just writes: <cfquery name="myQuery" datasource="myDs"> SELECT foo FROM bar WHERE foobar = 4570 </cfquery> and

Re: SQL injection attack on House of Fusion

2008-08-16 Thread James Holmes
So for six months you've known the feature is coming yet you're still arguing about it now? Do you just like wasting people's time? On Sat, Aug 16, 2008 at 11:37 PM, Andrew Scott [EMAIL PROTECTED] wrote: Man, you're about 6 months late with that news -- mxAjax / CFAjax docs and other useful

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Another not so common approach, is spamstop. This little wrapper for cf, allows someone to filter the request by known attackers. So you could redirect them away or display garbage on the screen or whatever. Maybe another stop gap measure. -- Senior Coldfusion Developer Aegeon Pty. Ltd.

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Rick, I think it is only a matter of time, I only have one ColdFusion website that is on a shared server/public. I have been through the attacks, but when speaking with the hosting provider I think they started to put measures in place for the entire servers. Not 100% sure, as I haven't seen

RE: Hibernate (was: annotations?)

2008-08-16 Thread Andrew Scott
The one thing that excites me is that ColdFusion is a dynamic language, if Adobe introduce Hibernate and spring under the hood can you imagine something like this. Var myObject = new Person(); myObject.whereTitleLike('This is awesome'); or myObject.findAllByFirstName('Andrew'); Having methods

RE: Hibernate (was: annotations?)

2008-08-16 Thread Andrew Scott
No the developer could write myObject.findAllByFirstname('Andrew'); I would imagine that cfquery will not change, and would remain for backward compatibility. At a guess! -- Senior Coldfusion Developer Aegeon Pty. Ltd. www.aegeon.com.au Phone: +613 9015 8628 Mobile: 0404 998 273

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
No I am not arguing about it, I am saying that there is no reason that ColdFusion could not do what I said it could. It only means that with the release of ColdFusion 9, it is more of a possibility that SQL Injection will become a thing of the past for ColdFusion. It doesn't excuse the fact that

Re: Hibernate (was: annotations?)

2008-08-16 Thread denstar
On Sat, Aug 16, 2008 at 8:08 PM, Dominic Watson wrote: Sounds awesome ;) It is pretty cool, and the annotation approach is very tempting. There are so many ways to do it tho... and I'm seriously thinking a modeling language is where it's really at, but, this is still way fun. =] So in

CFContent tag

2008-08-16 Thread Nathan Chen
Hi, All: I have a query that selects a BLOB field (embedded file) from a table. Then I use cfcontent to output the string to the browser. The code has been running fine until today all of a sudden it won't display the files. All the files in that BLOB field are pdf files. The code looks like this:

Re: SQL injection attack on House of Fusion

2008-08-16 Thread denstar
There are always trade-offs. Everything you add is a few (or more) cycles, and you've got to at least sorta aim for optimization (if ambiguously). Like, the hibernate stuff seems plenty fast to me right now, but what happens when I toss a ton of requests at it, or use large tables or something?

Re: CFContent tag

2008-08-16 Thread Brad Wood
Add a cfqueryparam to that code and we'll help you ;-) Have you tried killing the acrobat.exe process to make sure it isn't hung up on something. ~Brad - Original Message - From: Nathan Chen [EMAIL PROTECTED] To: CF-Talk cf-talk@houseoffusion.com Sent: Saturday, August 16, 2008 10:44

Re: CFContent tag

2008-08-16 Thread James Holmes
First, check that your datasource has the enable BLOB checkbox ticked. On Sun, Aug 17, 2008 at 11:44 AM, Nathan Chen wrote: Hi, All: I have a query that selects a BLOB field (embedded file) from a table. Then I use cfcontent to output the string to the browser. The code has been running fine

RE: CFContent tag

2008-08-16 Thread Nathan Chen
That's it. I can't believe I forgot to turn enable BLOB when I updated the dsn today. Thank you! Nathan -Original Message- From: James Holmes [mailto:[EMAIL PROTECTED] Sent: Saturday, August 16, 2008 9:47 PM To: CF-Talk Subject: Re: CFContent tag First, check that your datasource has

RE: SQL injection attack on House of Fusion

2008-08-16 Thread Andrew Scott
Well at the end of the day, I am currently using hibernate in ColdFusion thanks to Joe Reinhart I think is the one I am using. But I know plenty of people are looking into it at the moment. I have even looked at using GORM in Coldfusion, to help with DDD. But haven't had the time to investigate as

Re: SQL injection attack on House of Fusion

2008-08-16 Thread denstar
On Sat, Aug 16, 2008 at 10:04 PM, Andrew Scott wrote: Well at the end of the day, I am currently using hibernate in ColdFusion thanks to Joe Reinhart I think is the one I am using. But I know plenty of people are looking into it at the moment. Hibernate is easy to use with CF8 and Java. Few

Re: Dealing with MySQL escape sequences

2008-08-16 Thread Brad Wood
there appears to be no jdbc connector option to change this behaviour, so have to do in server config/start... Sorry to drag up an old thread, but I wanted a record of this for anyone reading the archives. There IS a JDBC URL option to disable backslash escaping in MySQL on a datasource