, September 25, 2014 4:45 AM
To: cf-talk
Subject: Re: Anyone have experience running CyberSource Secure Acceptance
Have they given you code and an example hash?
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com
Have they given you code and an example hash?
On Tue, Sep 16, 2014 at 18:48 PM, Sandra Clark sclarkli...@gmail.com
wrote:
I'm trying to take a sample that they have written and convert it to
ColdFusion. I have the Java in the signature code which is creating the
HMAC exactly the same as
I've been working on a solution you can see here:
https://forums.adobe.com/thread/1560066
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
I'm trying to take a sample that they have written and convert it to
ColdFusion. I have the Java in the signature code which is creating the
HMAC exactly the same as their JSP code and I'm still getting rejected.
Their technical help is less than stellar and I'm thinking it has less to
http://www.bennadel.com/blog/2412-crypto-cfc-for-hmac-sha1-hmac-sha256-and-hmac-md5-code-generation-in-coldfusion.htm
~|
Order the Adobe Coldfusion Anthology now!
To: cf-talk
Subject: Re: Anyone have experience running CyberSource Secure Acceptance
http://www.bennadel.com/blog/2412-crypto-cfc-for-hmac-sha1-hmac-sha256-and-h
mac-md5-code-generation-in-coldfusion.htm
~|
Order the Adobe
is
turning my hair gray.
-Original Message-
From: Captain Obvious [mailto:mr.happ...@gmail.com]
Sent: Tuesday, September 16, 2014 1:58 PM
To: cf-talk
Subject: Re: Anyone have experience running CyberSource Secure Acceptance
http://www.bennadel.com/blog/2412-crypto-cfc-for-hmac
Professional
http://foundeo.com/ - ColdFusion Consulting Products
http://hackmycf.com - Is your ColdFusion Server Secure?
http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard your CFML in 10
minutes
~|
Order the Adobe Coldfusion
Chrome and it says
the same thing). I also added the cookie-config
activetrue/active
cookie-securetrue/cookie-secure
/cookie-config to the jrun-web.xml file in each cf instance as well and the
scan comes back with the cookies not being set to secure. This is a very
straight forward process that I
Consulting Products
http://hackmycf.com - Is your ColdFusion Server Secure?
http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard your CFML in 10
minutes
On Thu, Feb 20, 2014 at 2:39 PM, Richard White rich...@re-base.net wrote
Secure?
http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard your CFML in 10
minutes
On Thu, Feb 20, 2014 at 2:39 PM, Richard White rich...@re-base.net wrote:
Hi Pete,
yes although if i disable this my login stops working and appears the
session variables that i use throughout
suppose at
this point the session.cfide has been created. Would you know how to resolve
this?
cffunction name=onSessionStart
cfcookie name=CFID value=#session.cfid# httponly=true secure=yes
cfcookie name=CFTOKEN value=#session.cftoken# httponly=true
secure=yes
/cffunction
Thanks
Hi Richard, do you have Use J2EE session variables checked in the CF
administrator?
--
Pete Freitag - Adobe Community Professional
http://foundeo.com/ - ColdFusion Consulting Products
http://hackmycf.com - Is your ColdFusion Server Secure?
http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard
Professional
http://foundeo.com/ - ColdFusion Consulting Products
http://hackmycf.com - Is your ColdFusion Server Secure?
http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard your CFML in 10
minutes
On Thu, Feb 20, 2014 at 5:41 AM, Richard White rich...@re-base.net wrote
Hi,
Is there a way to set the secure, domain and path values for session CFID and
CFTOKEN cookies in the application.cfc page of CF9?
I have done some searches but cannot seem to find an answer.
Many thanks,
Richard
Hi,
How would I set the the CFID and CFTOKEN secure, domain and path attributes for
a specific application in the cfapplication.cfc file? I have done some searches
but cannot seem to find how to do it.
Many thanks
Richard
Hi Richard,
You can use the technique here: http://www.petefreitag.com/item/764.cfm it
doesn't set path, domain, or secure but you can just add that to the
cfcookie tag in the CF9 example.
--
Pete Freitag - Adobe Community Professional
http://foundeo.com/ - ColdFusion Consulting Products
http
Hi,
We have an online web application built using CF. We completely host and manage
our software and provide users with an annual subscription.
A large client would like to use the software in a country that has limited
internet connection. Therefore, we have the possibility of providing them
CFML can be encoded, which will be sufficient to stop the average person.
If you want to go a step further then you can compile your app down to
class files and only distribute those.
On Tue, Jan 28, 2014 at 11:46 AM, Richard White rich...@re-base.net wrote:
Hi,
We have an online web
This might get you in the right direction.
http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=deploying_5.html
On Tue, Jan 28, 2014 at 9:46 PM, Richard White rich...@re-base.net wrote:
Hi,
We have an online web application built using CF. We completely host and
manage our
It is possible to compile your application down to a deployable WAR file.
Steve 'Cutter' Blades
Adobe Community Professional
Adobe Certified Expert
Advanced Macromedia ColdFusion MX 7 Developer
http://cutterscrossing.com
Co-Author Learning Ext JS 3.2 Packt Publishing 2010
I would suggest working with an attorney to make sure you have a proper
licensing agreement in place.
While I've never had occasion to package a CF app as a WAR, I doubt it
obfuscates the classes. So it too would be easily decompiled.
I searched around and this seems to be a somewhat popular
On Tue, Jan 28, 2014 at 2:35 PM, Byron Mann wrote:
While I've never had occasion to package a CF app as a WAR, I doubt it
obfuscates the classes. So it too would be easily decompiled.
But it would be decompiled to Java,. And that Java bears absolutely zero
resemblance to the original CFML.
Thanks guys for your suggestions, i will take a look into your suggestions.
BW
Richard
Hi,
We have an online web application built using CF. We completely host
and manage our software and provide users with an annual subscription.
A large client would like to use the software in a
On Tue, Jan 28, 2014 at 8:35 AM, Byron Mann wrote:
I would suggest working with an attorney to make sure you have a proper
licensing agreement in place.
An attorney who understands IP law in this country without internet.
-Cameron
--
Cameron Childress
--
p: 678.637.5072
im: cameroncf
Is there any way to ensure the CFTOKEN and CFID cookies include the secure
attribute when sending over https?
I see no way to do this on CF9.
Thanks
Robert Harrison
Director of Interactive Services
Austin Williams
Advertising I Branding I Digital I Direct
125 Kennedy Drive, Suite 100
Is there any way to ensure the CFTOKEN and CFID cookies include the secure
attribute when sending over https?
I see no way to do this on CF9.
You need to disable CF's automatic setting of those cookies, then set
them yourself with CFCOOKIE.
Dave Watts, CTO, Fig Leaf Software
http
Ive seen people request this before due to a PCI security audit. Usually the
best solution, depending on the code, is to switch to J2EE session variables.
Instead of physical cookies the session cookies are true session cookies in
browser memory. This would eliminate the secure cookies issue
session
cookies in browser memory. This would eliminate the secure cookies issue.
I think?
You can create a browser session cookie for CFID/CFTOKEN cookies as well,
you just have to write the cookies manually. But what Robert was asking
about was the secure flag on the cookie, which indicates
Blog: http://www.austin-williams.com/blog
Twitter: http://www.twitter.com/austin_williams
-Original Message-
From: Pete Freitag [mailto:p...@foundeo.com]
Sent: Friday, December 06, 2013 4:09 PM
To: cf-talk
Subject: Re: Secure attribute on CF Session Cookies
On Fri, Dec 6, 2013 at 2
Well now I feel like an idiot. :) I should have caught the missing quotation
marks. And the APPLICATION.CFM is in fact a typo, the actual file I'm using is
APPLICATION.CFC, sorry 'bout that.
After replacing the quotation marks I have a new error, it is in line 5. The
verbiage of the error
You seem to be mixing Application.cfc syntax (this.applicationTimeout) and
Application.cfm syntax (cfapplication). If you're using App.cfc, and I
would suggest you do, then I would not expect the cfapplication tag to
work. I could be wrong, though, as I've never tried that. Something to
check on,
On Tue, Jan 15, 2013 at 10:16 AM, B Griffith br.griff...@yahoo.com wrote:
After replacing the quotation marks I have a new error, it is in line 5.
The verbiage of the error is as follows:
The line numbers are more like suggestions on a general area to look than
the gospel truth. Don't
Thanks, Andrew, looks like it's working now, I changed the cfapplication
block to a cfscript block per your suggestion and I am now getting the login
screen, so thank you again. I'm going to tinker with it a little more and see
if I can integrate it with the rest of my code (it's a standalone
Hello all, I'm new to CF and had an excellent experience posting here with my
last issue, now I am having a problem making my secure login to my webpage
work. The issue seems to be (if I'm understanding correctly) that there is an
infinite loop between my login.cfm and application.cfc. I
cfif not IsDefined(LoggedIn) !--- this logic added to ---
This line is getting triggered on every page load, so when it
redirects and reloads the page it's getting triggered again in an
endless cycle. You'll need to add logic to tell it not to redirect
when you're actually loading the login
Okay, so I found a different stand-alone set of login pages/code on a different
website, but when I try to go to the index.cfm page (which previously worked
w/o the inclusion of the new pages/code) I get:
Invalid token c found on line 20 at column 4.
18:calling THIS page (application.cfc) is
Yeah you might like to do
cfif structKeyExists(session, allowin) and not session.allowin
otherwise if the variable doesn't exist in the scope, it will error.
--
Regards,
Andrew Scott
WebSite: http://www.andyscott.id.au/
Google+: http://plus.google.com/113032480415921517411
The error might be before line 20... try removing the comments and
see if that makes a difference
At 03:32 PM 1/14/2013, you wrote:
Okay, so I found a different stand-alone set of login pages/code on
a different website, but when I try to go to the index.cfm page
(which previously worked
, session, etc.) but any layman's
explanation on what role these might play in opening security gaps would be of
great interest to me as I need to make this site very secure.
Thanks again for all your help and I look forward to your new responses
Edit: Sorry Andrew, meant to attach this to the bottom of the entire thread.
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
On Mon, Jan 14, 2013 at 5:25 PM, B Griffith br.griff...@yahoo.com wrote:
Invalid CFML construct found on line 5 at column 33
5: applicationtimeout=#CreateTimeSpan(0,2,0,0)# /
I don't know if it's a typo, but in the code sample you posted below you
are missing a closing quote mark ().
this line has an extra set of quotes at the end
5: applicationtimeout=#CreateTimeSpan(0,2,0,0)# /
this section has missing closing quotes on the last 2 params
!--- APPLICATION.CFM ---
cfapplication name=MyApp
clientmanagement=Yes
sessionmanagement=Yes
be of great interest to me as I need to make this site very secure.
Thanks again for all your help and I look forward to your new responses. :)
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion
Is this Application.cfm or Application.cfc
You have Application.cfm and yet you have Application.cfc code, that is a
bug problem in itself.
So if this is an Application.cfc, you need to remove the cfparams ( I am
not sure these work in Application.cfc, sure someone will correct that) and
the
to
prevent execution on the image upload folder.
I also wrote a blog entry a while with some tips for secure file uploads:
http://www.petefreitag.com/item/701.cfm
--
Pete Freitag - Adobe Community Professional
http://foundeo.com/ - ColdFusion Consulting Products
http://hackmycf.com - Is your
. Finally use your web server and/or CF sandbox security to
prevent execution on the image upload folder.
I also wrote a blog entry a while with some tips for secure file uploads:
http://www.petefreitag.com/item/701.cfm
--
Pete Freitag - Adobe Community Professional
http://foundeo.com/ - ColdFusion
I am looking for a safe and secure way to put an example page on my site
that will allow a potential client to upload a JPG in order to see an
example of a responsive photo gallery he can create using my new responsive
web template I am in the process of building.
Here is what I am considering
skip all the nonsense and just try to resize the image.
If that fails its either a color pallete java can't handle or it
isn't an image.
- Dan
On Tue, Dec 18, 2012 at 8:12 PM, Terry Troxel terry.tro...@gmail.com wrote:
I am looking for a safe and secure way to put an example page on my site
having a wierd issue here. i believe it may be a bug in CF.
code:
cfftp secure=true action=open server=#ftpserver# port=#ftpport#
username=#username# password=#password# fingerprint=#fingerprint#
connection=myftp
cfftp action=getfile connection=myftp remotefile=testfile.txt
localfile=E
secure=true action=open server=#ftpserver# port=#ftpport#
username=#username# password=#password# fingerprint=#fingerprint#
connection=myftp
cfftp action=getfile connection=myftp remotefile=testfile.txt
localfile=E:\tmp\testfile.txt transfermode=binary passive=true/
throws error
we're already on 9.0.1. yea i saw that bug report. that one dealt with
creating the connection. in my situation, the connection establishes fine. i
can listdir fine. it's the get command that's causing an issue.
~|
to make the upload of images safe and secure for my server
as these folks will be out front and not in
The normal password protected area when they own their site.
I would appreciate and positive input on this.
Terry
Hi Terry,
I wrote up a blog entry with a few tips on secure file uploads a while
back: http://www.petefreitag.com/item/701.cfm
--
Pete Freitag - Adobe Community Professional
http://foundeo.com/ - ColdFusion Consulting Products
http://petefreitag.com/ - My Blog
http://hackmycf.com - Is your
and secure solution.
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:343952
Hi Kamru,
Sorry for my late reply.
This link will give you a good idea of what a VPN could do for you:
http://technet.microsoft.com/en-us/library/bb742566.aspx
It is unlikely to be a cheap solution, but it will have the potential to be
a robust and secure solution.
Something you could
/) for secure storage and
use another SFTP/SSH based upload/download user tool (e.g.
http://trac.cyberduck.ch/wiki/help/en/howto/s3 or similar) - will that idea
work?
Regards,
Kamru
Investigate the SFTP/SSH/VPN/etc solutions instead
deciding up on an appropriate
solution for my needs.
However, please answer one more question, if at all possible:
How about using Amazon S3 (https://s3.amazonaws.com/) for secure storage and
use another SFTP/SSH based upload/download user tool (e.g.
http://trac.cyberduck.ch/wiki/help/en/howto
Hi Jenny,
Thanks for you reply. Apologies for not answering sooner, as I could not
connect to houseoffusion.com last Friday (15/4/2011) for some technical reason.
No, I have not thought about VPN. Would that allow an upload of up to 50 GB
data from UK and downloaded from another European
is this sharing of files a regular occurrence or a one time thing ? either
way you don't need to reinvent this wheel
If you regularly do this then a much better solution would be something like
SugarSync, we have been using this for ages and it works great, and best of
all it is FREE, they do
Could you not just upload the files using sftp and require an ssh
connection to download them? That is really what ftp was designed for.
HTTP was never really designed to transmit that large of a file
anyway. This would accomplish both of your requirements, in that you
would be uploading them
Hi Russ,
Thanks for your suggestions. The secure file transfer requirement is a regular
occurrence for multiple users. I had a look at the SugarSync file upload
service and it is only free for up to 5GB for a single user. I have asked the
vendor to supply more information for my requirement
Hi Dean,
The SFTP and SSH methods you suggested sounds very promising.
Is there any products or Coldfusion code example to handle up to 50 GB files
available anywhere?
Thanks,
Kamru
~|
Order the Adobe Coldfusion Anthology
It would a bad idea to try and deliver such big files over CF. A file of
that size would take a very long time to download, and the likelihood of the
http connection being lost is very high, which means users will need to keep
trying to download from scratch, as has been stated, http is not
Kamru, SFTP is simply ftp over an SSH connection. So what you need is
to have SSH running on your ftp server. If you are using Windows, I
like ServU-FTP server as it has an SSH server built into it. It is a
commercial product though and is Windows only. If you want to go free,
OpenSSH is a free
On Tue, Apr 19, 2011 at 12:32 PM, Kamru Miah k.m...@csl.gov.uk wrote:
Is there any products or Coldfusion code example to handle up to 50 GB files
available anywhere?
ColdFusion (or any other web scripting language) is not the proper
solution for this problem. It's not even worth trying.
Have you thought of using a VPN?
Jenny
-Original Message-
From: Kamru Miah [mailto:k.m...@csl.gov.uk]
Sent: 14 April 2011 16:41
To: cf-talk
Subject: Any secure data transfer methods avaiable for very large files?
Hello,
My company requires a mean of up to 50 GB of secure data
Hello,
My company requires a mean of up to 50 GB of secure data transfer facility for
multiple concurrent users.
Does anyone know of any methods/tools/products which will provide the above
secure data transfer facility with a Coldfusion front-end please?
Thanks in anticipation.
Kamru
Now I did mention that Flex says it REQUIRES RDS to be enabled in order
to use Flex data services.
This is only required to use the wizards in Flash Builder, just like
you need RDS to do things in CF Builder. Once your code is written,
you can deploy it to servers without RDS enabled.
Dave
Way back in the day I was told RDS was horribly insecure and I wrote it
off and never looked back.
Neither RDS nor the CF Administrator should be exposed to untrusted
clients. They're both password protected with no auditing of failed
authentication events.
Dave Watts, CTO, Fig Leaf Software
Dreamweaver aso needs RDS for a lot of its features, but RDS is not
supposedly to be installe don production servers.
If you run CF enterprise, then you can sandbox RDS access and give each user
their own login and limit what folders they have access to.
This is what I do on cfmldeveloper.com to
let's try that again... ;-)
Hi All,
Way back in the day I was told RDS was horribly insecure and I wrote it
off and never looked back.
Well now I'm into Flex and it uses RDS in order to use CF data services
(or I can use webservices).
So how safe is having RDS enabled? Any good tutorials on
RDS in production is still a no-no. :-)
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
Short answer, how secure RDS is or isn't is really not the issue. What is
more important is that security fundamentals demand that you don't run
anything not completely necessary on production boxes. Your HTTP server is
necessary, remote access services (be it RDS or FTP or ...) are generally
the wrong way.
Sorry for the cross-over to Flex, but I hoped there were some cross-over
folks on-list.
Cheers
On Mon, 2011-02-28 at 14:58 -0500, Ben Forta wrote:
Short answer, how secure RDS is or isn't is really not the issue. What is
more important is that security fundamentals demand that you
I'm no Flex guru by any stretch, but I've never heard this one before (and
find it kinda hard to believe?)
Can anyone who has more Flex experience confirm this?
Mark
On Tue, Mar 1, 2011 at 7:25 AM, Bryan Stevenson
br...@electricedgesystems.com wrote:
Now I did mention that Flex says it
It doesn't.
Nic
Sent from my Verizon Wireless Phone
- Reply message -
From: Mark Mandel mark.man...@gmail.com
Date: Mon, Feb 28, 2011 6:27 pm
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I'm no Flex guru by any stretch, but I've never heard this one before
Sent from my Verizon Wireless Phone
- Reply message -
From: Mark Mandel mark.man...@gmail.com
Date: Mon, Feb 28, 2011 6:27 pm
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I'm no Flex guru by any stretch, but I've never heard this one before (and
find
On Mon, 2011-02-28 at 18:42 -0500, nic.tun...@nictunney.com wrote:
It doesn't.
Nic
Sent from my Verizon Wireless Phone
- Reply message -
From: Mark Mandel mark.man...@gmail.com
Date: Mon, Feb 28, 2011 6:27 pm
Subject: How secure is RDS
To: cf-talk cf-talk
Flash development.
Regards,
Andrew Scott
http://www.andyscott.id.au/
-Original Message-
From: Bryan Stevenson [mailto:br...@electricedgesystems.com]
Sent: Tuesday, 1 March 2011 11:03 AM
To: cf-talk
Subject: Re: How secure is RDS
OK then Nic/Mark
http://www.adobe.com/devnet
On Mon, Feb 28, 2011 at 7:02 PM, Bryan Stevenson
br...@electricedgesystems.com wrote:
OK then Nic/Mark
http://www.adobe.com/devnet/flex/articles/fcf_ataglance_flex_coldfusion.html
Seems to contradict you guys
I'd love a non-webservice and non-RDS enabled solution, but Adobe
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I don't see any where that it mentions using RDS to communicate with
Flex-ColdFusion.
I am no expert in Flash/Flex development but I am under the impression the
Flash Remoting on ColdFusion is the way Flash talks to ColdFusion
rds in
production.
Sent from my Verizon Wireless Phone
- Reply message -
From: Andrew Scott andr...@andyscott.id.au
Date: Mon, Feb 28, 2011 7:08 pm
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I don't see any where that it mentions using RDS
, Feb 28, 2011 7:08 pm
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I don't see any where that it mentions using RDS to communicate with
Flex-ColdFusion.
I am no expert in Flash/Flex development but I am under the impression the
Flash Remoting on ColdFusion is the way Flash talks
, 2011 7:08 pm
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I don't see any where that it mentions using RDS to communicate with
Flex-ColdFusion.
I am no expert in Flash/Flex development but I am under the impression
the
Flash Remoting on ColdFusion is the way Flash
.
Sent from my Verizon Wireless Phone
- Reply message -
From: Andrew Scott andr...@andyscott.id.au
Date: Mon, Feb 28, 2011 7:08 pm
Subject: How secure is RDS
To: cf-talk cf-talk@houseoffusion.com
I don't see any where that it mentions using RDS to communicate
Oopsone last thing for now I think Nic
The article seems to perhaps be more about CF 9 and ORM than Flex and
CFis that a safe assumption?
I'm asking because I'm stuck on CF 8 for the time being and hoping to
avoid confusion between what I'm trying to do and what CF 9 can do ;-)
The article is about CF 9 ORM, but the pattern remains the same. The ORM
methods are generated in cf9, but in CF8 your objects would probably still
have the same accessor methods.
Nic
On 2/28/11 8:01 PM, Bryan Stevenson br...@electricedgesystems.com
wrote:
Oopsone last thing for now I
and it was the accessor stuff that lost me ;-)
In simple terms are you talking about a single CFC that all other CFC
calls pass-through? I've heard that called a facade, but whatever you
call it, it is a way of not requiring all CFCs to be of accessType
remote when using AJAX_CFC for
...@electricedgesystems.com]
Sent: Tuesday, 1 March 2011 12:50 PM
To: cf-talk
Subject: Re: How secure is RDS
and it was the accessor stuff that lost me ;-)
In simple terms are you talking about a single CFC that all other CFC
calls pass-
through? I've heard that called a facade
Most of my apps use multiple clients. I many times have a serviceProxy
and remotingProxy. At a real basic level the remotingProxy mirrors
whatever I need in the serviceProxy as remote methods. The service layer
can be RESTful (put/get/post/delete), as Andrew suggested, or can be
regular
Hi,
i am trying to secure pdf documents that exist in my application folders.
i have set passwords on them using the cfpdf tag but is there a way to open
them via a cfm page? i was hoping i could open and display them to the user
with the app providing the password instead of the user having
Hey everyone I have thrown this idea around before with a few guys on this
list but have modified my methodology slightly and am now asking the full
community their thoughts. Is the below scenario secure or I am asking for
trouble?
Here is the code: Secure or not so secure? (No vpn or ssh tunnel
Here is the code: Secure or not so secure? (No vpn or ssh tunnel, traffic is
right over the internet via SSL 2048bit between two CF 8 Servers)
My first reaction is don't do it, find a better way, but if you must
pass an arbitrary query across the Internet and get a result set then
you're going
Here is the code: Secure or not so secure? (No vpn or ssh tunnel, traffic is
right over the internet via SSL 2048bit between two CF 8 Servers)
What do you mean by secure? What is the security threat you're trying
to address? Just asking is X secure isn't really specific enough to
be easily
Message-
From: Dave Watts [mailto:dwa...@figleaf.com]
Sent: Thursday, January 20, 2011 4:27 PM
To: cf-talk
Subject: Re: Secure or Not So Secure?
Here is the code: Secure or not so secure? (No vpn or ssh tunnel,
traffic is right over the internet via SSL 2048bit between two CF 8
Servers
cfincludes or cfmodules. All of the code is wrapped within
cfsilent tags.
I have been able to submit a payment to the test server successfully. The main
problem I'm having is trying to deal with transactions which must be 3d Secure
authorized.
I'm using the following guide for help with most
Hi Folks
I have a secure site that works fine:
https://www.appreciativeway.com/secure/bookstore.cfm
When I add variables such as:
https://www.appreciativeway.com/secure/bookStore.cfm?webSource=clergy
The page becomes a mix of secure and non secure items.
The variable is the link origin
There is a file spacer.gif that is being served without the ssl at the
very bottom of the age (after the footer).
~Mahcsig
On Wed, Dec 1, 2010 at 10:57 AM, Rob Voyle robvo...@voyle.com wrote:
Hi Folks
I have a secure site that works fine:
https://www.appreciativeway.com/secure
I can see at least 1 non secure item on the page
img src=http://www.clergyleadership.com/images/spacer.gif
view-source:http://www.clergyleadership.com/images/spacer.gif
alt= border=0 height=400 width=1 /
--
Russ Michaels
www.cfmldeveloper.com - Supporting the CF community since 1999
FREE
1 - 100 of 606 matches
Mail list logo
