James Holmes wrote:
> So, basically, the username and password is written out in plain text
> in the cookie for anyone to steal. Great security.
I didn't write the .net part! But yup, I didn't like the way it looked
either. But:
a. I like my job
b. they pay well and often
c. the .net fo
So, basically, the username and password is written out in plain text
in the cookie for anyone to steal. Great security.
Anyway, don't just trust the existence of the cookie - you need to log
the user in to your site with the username and password. Otherwise, I
can just manipulate my browser to s
write them to javascript cookie vars, then yank them outta there into
cf session variables
cfRas
On Thu, Apr 2, 2009 at 11:50 AM, Les Mizzell wrote:
>
> I've got a client that's decided to try and use a .net login system
> written for one of their sites for *all* their sites, including the huge
I've got a client that's decided to try and use a .net login system
written for one of their sites for *all* their sites, including the huge
CF site I maintain for them.
Looking at the .net code for this thing *really* reminds me why I like
Coldfusion so much - sheesh, 15 or so files and a cou
4 matches
Mail list logo