oy, this group loves to talk, or type,
> rather... :o)
>
> Rick
>
> -Original Message-
> From: Jochem van Dieten [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 26, 2006 12:47 PM
> To: CF-Talk
> Subject: Re: Any reason why a file field can be submitted back to
o talk, or type, rather... :o)
>
> Rick
>
> -Original Message-
> From: Jochem van Dieten [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 26, 2006 12:47 PM
> To: CF-Talk
> Subject: Re: Any reason why a file field can be submitted back to the page
> it's on?
>
> Rick
Friday, May 26, 2006 12:47 PM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the page
it's on?
Rick Faircloth wrote:
> What he's throwing in is not logical, but illogical, from a common
> sense point of view.
>
> But we shouldn't be hyp
Rick Faircloth wrote:
> What he's throwing in is not logical, but illogical, from a
> common sense point of view.
>
> But we shouldn't be hypothesizing...that proves nothing.
Are you suggesting we all go get traffic accidents so we have
some facts instead of a hypothesis? :)
Jochem
~~~
ject: RE: Any reason why a file field can be submitted back to the
page it's on?
> It is a very interesting topic...I would love to be able to
> find some actual accident/injury stats just to see how the
> equation works itself out...
Google is your friend:
http://www-nrd.nhtsa.dot.
Agreed
-Original Message-
From: Dave Francis [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 11:09 PM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
Helmet (and seat belt) laws attempt to protect people from themselves,
Message-
From: Rick Faircloth [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 9:09 PM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
I see your point, BUT, wouldn't car accidents be *less*
dangerous and injurious if people in car
> It is a very interesting topic...I would love to be able to
> find some actual accident/injury stats just to see how the
> equation works itself out...
Google is your friend:
http://www-nrd.nhtsa.dot.gov/pdf/nrd-30/NCSA/TSFAnn/TSF2001.pdf
> I see your point, BUT, wouldn't car accidents be *le
uson [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 3:53 PM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
But, even very minor accidents, when they involve uncovered
motorcyclists lead overwhelmingly often to critical injury or deat
oney...because if we all strapped them
> on all the time, we certainly would save both.
>
> Rick
>
> -Original Message-
> From: Dave Watts [mailto:[EMAIL PROTECTED]
> Sent: Thursday, May 25, 2006 12:13 PM
> To: CF-Talk
> Subject: RE: Any reason why a file field can be s
y 25, 2006 3:53 PM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
But, even very minor accidents, when they involve uncovered
motorcyclists lead overwhelmingly often to critical injury or death,
whereas minor accidents involving non-moto
Message -
From: "Rick Faircloth" <[EMAIL PROTECTED]>
To: "CF-Talk"
Sent: Thursday, May 25, 2006 1:38 PM
Subject: RE: Any reason why a file field can be submitted back to the page
it's on?
> What he's throwing in is not logical, but illogical, from a
&
tainly would save both.
>
> Rick
>
> -Original Message-
> From: Dave Watts [mailto:[EMAIL PROTECTED]
> Sent: Thursday, May 25, 2006 12:13 PM
> To: CF-Talk
> Subject: RE: Any reason why a file field can be submitted back to the
> page it's on?
>
>
>
From: Mike Klostermeyer [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 12:36 PM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
There you go again, Dave. You need to really stop throwing logic into these
conversations. It gets really
ubject: RE: Any reason why a file field can be submitted back to the
page it's on?
> Once I see all motorists, whether driving a car, truck, or
> motorcycle forced to wear helmets to protect the state from
> the costs of uninsured motorists' injuries, then I'll believe
>
I see, said the blind man...
-Original Message-
From: Ian Skinner [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 11:49 AM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
> any malicious programmer could exploit it in their
There you go again, Dave. You need to really stop throwing logic into these
conversations. It gets really annoying. :)
Mike
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 11:13 AM
To: CF-Talk
Subject: RE: Any reason why a file field can be
> Once I see all motorists, whether driving a car, truck, or
> motorcycle forced to wear helmets to protect the state from
> the costs of uninsured motorists' injuries, then I'll believe
> lawmakers created a helmet law which is fair, worthy of
> respect, and doesn't just single out a particula
> So, to enable the kind of functionality I'm proposing would
> mean to provide complete open access to all files on a site
> visitor's system?
Yes.
> However, since Javascript and Active X have been suggested as
> alternatives to accomplish my programming goals, how can
> Javascript or Activ
> I guess it wouldn't be possible to allow the functionality
> only when a user is uploading files from their own system and
> not from an external source?
It doesn't matter where the files come from. If I'm using a browser, I don't
want it to be able to arbitrarily upload ANY file without my
> any malicious programmer could exploit it in their own web pages
You mean that a malicious programmer could be hired by someone to code web
pages for them and then take advantage of the person hiring them. Am I
understanding?
No you do not understand! I am saying if this feature existed.
to select
to "Do not use currently selected file" in order to delete the
previously uploaded file... ?
Rick
-Original Message-
From: Jim [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 6:14 AM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back
e-
> From: Jochem van Dieten [mailto:[EMAIL PROTECTED]
> Sent: Thursday, May 25, 2006 5:01 AM
> To: CF-Talk
> Subject: Re: Any reason why a file field can be submitted back to the
> page it's on?
>
>
> Rick Faircloth wrote:
>
>>> any malicious prog
ive X alternatives do?
Rick
-Original Message-
From: Jim [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 5:51 AM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
I could make a website which has a form and filefield pre populated with
---
From: Jochem van Dieten [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 5:01 AM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
Rick Faircloth wrote:
>> any malicious programmer could exploit it in their own web pages
>
>
ycle. So, if it doesn't affect them,
> they don't care.
>
> Rick
>
> -Original Message-
> From: Dave Watts [mailto:[EMAIL PROTECTED]
> Sent: Thursday, May 25, 2006 1:32 AM
> To: CF-Talk
> Subject: RE: Any reason why a file field can be submitted back to the
> page
ogous to the
HTML security issue on the table.
Rick
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 1:36 AM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
> I didn't say I couldn't
-
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 25, 2006 1:32 AM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
> You mean that a malicious programmer could be hired by
> someone to code web pages for them and then t
Rick Faircloth wrote:
>> any malicious programmer could exploit it in their own web pages
>
> You mean that a malicious programmer could be hired by someone
> to code web pages for them and then take advantage of the person
> hiring them. Am I understanding?
No.
> But, like I said in another p
> I didn't say I couldn't live with it rather than use another
> option...but I don't see why the W3C felt they had to force
> that particular security element on everyone.
>
> It's the same problem I have with lawmakers telling me I have
> to wear a helmet when I ride my motorcycle...it's my
> You mean that a malicious programmer could be hired by
> someone to code web pages for them and then take advantage of
> the person hiring them. Am I understanding?
>
> If that's the case, then I still think that burden should be
> on the person hiring the programmer...get someone you
> tru
don't understand all the
security issues surrounding the decision, so I won't pass final judgment
on the W3C without better understanding...
Rick
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 5:52 PM
To: CF-Talk
Subject: RE: Any re
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
Rick Faircloth wrote:
> IMHO...too much W3C control exercised...
If you don't like it, choose another option. It is your own
choice to use HTML. There are plenty of other options you c
> Yep...looks like you're absolutely right...resubmission
> deletes the value from the field...bummer...I undestand the
> security risk, but this is a secured area, I'm the only
> programmer, so the risk is practically non-existent.
>
> Seems to me the choice to take the risk should be mine...
Rick Faircloth wrote:
> IMHO...too much W3C control exercised...
If you don't like it, choose another option. It is your own
choice to use HTML. There are plenty of other options you can use
that put the security line in a different place. Only thing is
that people usually are very reluctant to
>I see your point...but what about the fact that it's behind
> a secured area, with only certain people who have access,
> and only certain programmers (me, in this case) who have
> access to the code?
>
> If my client and I both agreed to take the risk, why shouldn't
> we be able to choose to?
B
CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
Where along the food chain does this get decided? Is it an OS thing, or CF?
Browser?
Rick
HTML W3C Standards.
--
Ian Skinner
Web Programmer
BloodSource
www.BloodSource.org
Sacrament
If my client and I both agreed to take the risk, why shouldn't we be able to
choose to?
My point is, in this case, the hacker couldn't access the file field, so there
would be no vulnerability...unless, of course, he hacked into the secured area,
which is possible, but still a risk I think shou
Where along the food chain does this get decided? Is it an OS thing, or CF?
Browser?
Rick
HTML W3C Standards.
--
Ian Skinner
Web Programmer
BloodSource
www.BloodSource.org
Sacramento, CA
-
| 1 | |
- Binary Soduko
| | |
-
"C code. C code run. Run
g in this issue?
Rick
-Original Message-
From: Ian Skinner [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 1:26 PM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
Seems to me the choice to take the risk should be mine...
Rick
ssage-
From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 1:38 PM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
Yep...gotta agree with Ian.
Now Rick if you really want to control your own security decisions, just
i
Yep...gotta agree with Ian.
Now Rick if you really want to control your own security decisions, just
install
any version of Windows on a connected machine and do not install any SPs or
patches...
Enjoy ;-)
Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems G
>I wish I could get the file field variable passed as a URL string back
> to the page, then perhaps I could re-insert it into the file field...???
>
> Rick
Nopefor security reeasons already mentioned (and trust me...I tried heard
once) ;-)
Bryan Stevenson B.Comm.
VP & Director of E-Commerce
Seems to me the choice to take the risk should be mine...
Rick
But the risk isn't to you the programmer. This is not a security hole for some
hacker to get into a website. It would be a hole for a hacker to use a website
to get to a client's computer data.
If the option existed, I could cre
reason why a file field can be submitted
back to the page it's on?
Rick,
No worries on the name. The reason the URL string appears is because with
GET the form attempts to post the data back to the page via the Query
String, so its putting all the form fields into the URL of the form
submi
Faircloth [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 12:57 PM
To: CF-Talk
Subject: RE: Solved: RE: Any reason why a file field can be submitted back
to the page it's on?
The solution certainly doesn't explain the URL string, but I have no idea
what would cause the URL stri
use
there was an error in the form values...
Rick
-Original Message-
From: Claude Schneegans [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 12:49 PM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
>>
I'm not sure
e...
Rick
-Original Message-
From: Ian Skinner [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 12:18 PM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
You are not allowed to provide a value to a file input field.
M
To: CF-Talk
Subject: Re: Solved: RE: Any reason why a file field can be submitted
back to the page it's on?
But...but...butI thought you said that when you included the file
field, it had a URL string, and when you didn't, it didn't. I dismi
Oops, sorry Ben...my wife's name is Bev, so I type
that all the time...
Rick
-Original Message-
From: Rick Faircloth [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 12:22 PM
To: CF-Talk
Subject: Solved: RE: Any reason why a file field can be submitted back
to the page it
>>
I'm not sure you can pass the uploaded file just like that to a new form.
The uploaded file is not just a string you can put into a new VALUE
attribute,
it contains the file name and the encoded content of the file.
Anyway, can you show us the http://www.contentbox.com/claude/customtags/tags
Message-
> From: Ben Nadel [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 24, 2006 12:09 PM
> To: CF-Talk
> Subject: RE: Any reason why a file field can be submitted back to the
> page it's on?
>
>
>
tInput01">
>
>
>
> -Original Message-
> From: Ray Champagne [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 24, 2006 12:01 PM
> To: CF-Talk
> Subject: Re: Any reason why a file field can be submitted back to the
> page it's on?
>
>
>
That was it! Thanks, Bev, et al...
Rick
-Original Message-
From: Ben Nadel [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 12:09 PM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
Is your form GET 'ing?? It should b
You are not allowed to provide a value to a file input field. This would be a
huge security risk, because we bad programmers could so easily trick users to
load any old file we wanted.
--
Ian Skinner
Web Programmer
BloodSource
www.BloodSource.org
Sacramento, C
Anything wrong with this code?
-Original Message-
From: Ray Champagne [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 12:01 PM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
Do you have a link?
Rick Fair
Sorry...it's a secure area...
-Original Message-
From: Ray Champagne [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 12:01 PM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
Do you have a link?
Rick Faircloth wr
ing
skills... Girls only want boyfriends who have great skills."
- Napoleon Dynamite
-Original Message-
From: Rick Faircloth [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 11:39 AM
To: CF-Talk
Subject: Any reason why a file field can be submitted back to the page it's
Do you have a link?
Rick Faircloth wrote:
> Yep...multipart/form-data...
>
> -Original Message-
> From: Adkins, Randy [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 24, 2006 11:45 AM
> To: CF-Talk
> Subject: RE: Any reason why a file field can be submitted back
]
Sent: Wednesday, May 24, 2006 11:51 AM
To: CF-Talk
Subject: Re: Any reason why a file field can be submitted back to the
page it's on?
I do that on one of my real estate sites, so yea, you should be able to.
What's the enctype of the form? Although, this shouldn't exhibit th
Yep...multipart/form-data...
-Original Message-
From: Adkins, Randy [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 11:45 AM
To: CF-Talk
Subject: RE: Any reason why a file field can be submitted back to the
page it's on?
Did you check to see if you had the enctype set sinc
I do that on one of my real estate sites, so yea, you should be able to.
What's the enctype of the form? Although, this shouldn't exhibit the
behavior you describe.
Rick Faircloth wrote:
> Hi, all..
>
> I'm setting up a form which submits back to the page it's on for
> validation and ever
Did you check to see if you had the enctype set since you are dealing
with a FILE?
-Original Message-
From: Rick Faircloth [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 24, 2006 11:39 AM
To: CF-Talk
Subject: Any reason why a file field can be submitted back to the page
it's on
Hi, all..
I'm setting up a form which submits back to the page it's on for
validation and everything has been fine up until the point where
I put a file field in the form.
When the form submits back to the page it's on, I get a long
URL string with my text field titles in it, e.g.,
..cfm?AgentID=
64 matches
Mail list logo