> > > Try it:
> > >
> >
> > Dude - I think we must be on different wavelengths here.
> > CFHTTP makes a HTTP request. Are you saying that your web
> > server will respond to a file url like that? No, it won't.
> > What do you get when you run this on your server? You should
> > get a Connect
>
> I think that Jochem's point is that CFHTTP won't allow you to
> use file paths. On the other hand, a COM interface to IE
> would probably allow you to do such a thing, just like you
> can use file paths in IE on your desktop, in addition to regular URLs.
I grok this. But darnit, we weren'
> I grok this. But darnit, we weren't talking about that.
> If you want to talk security and COM, fine. I was talking
> about a web thunbnail generator. That's what is bugging
> me. His original posts made it seem like the idea of
> generating a thumbnail of a URL was insecure. It's not.
The
> The idea may not be insecure, but the implementation may very
> well be. Given similar things I've seen implemented using the
> IE interface, for example, his concern seems pretty
> on-target, since by automating IE you could very easily get
Well, I still say that I never once mentioned mak
> > The idea may not be insecure, but the implementation may very
> > well be. Given similar things I've seen implemented using the
> > IE interface, for example, his concern seems pretty
> > on-target, since by automating IE you could very easily get
>
> Well, I still say that I never once m
> You do seem to be a very, very angry man. Perhaps because of
> > your name in lights? http://www.uncom.com/cfmx
> >
>
>Hmm, I don't know who this jedimaster person is - but when I find him -
>I'm going to pound him!
Silly Jedi...!
__
att Liotta
President & CEO
Montara Software, Inc.
http://www.montarasoftware.com/
V: 415-577-8070
F: 415-341-8906
P: [EMAIL PROTECTED]
> -Original Message-
> From: Dave Watts [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, July 18, 2002 3:18 PM
> To: CF-Talk
> Subject: RE: f
Dave Watts wrote:
>
> The idea may not be insecure, but the implementation may very well be. Given
> similar things I've seen implemented using the IE interface, for example,
> his concern seems pretty on-target, since by automating IE you could very
> easily get to the filesystem and bypass your
> I think this brings up interesting security issues for
> virtual hosting companies. In this case, accessing files
> with IE would be done using the application server's user.
> Thus enabling all of the virtual users to see each other's
> files since there is only a single application server.
>And when you start using CF in virtual machines, I suspect you might need
one license for each VM,
>which might be a bit expensive.
What, you can't just run CFMX in virtual distributed mode? ;-) Just
kidding
~Todd
Todd Rafferty ([EMAIL PROTECTED])
http://www.web-rat.com/
Team Macrome
http://www.montarasoftware.com/
V: 415-577-8070
F: 415-341-8906
P: [EMAIL PROTECTED]
> -Original Message-
> From: Dave Watts [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, July 18, 2002 4:38 PM
> To: CF-Talk
> Subject: RE: filesystem security (was: Idea Incubator -
javax.imageio.Imag
Holy s$%# Batman! did Dave and Matt just agree!?
>>-Original Message-
>>From: Matt Liotta [mailto:[EMAIL PROTECTED]]
>>Sent: Thursday, July 18, 2002 7:39 PM
>>To: CF-Talk
>>Subject: RE: filesystem security (was: Idea Incubator -
>>javax.imageio.Ima
Thomas [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, July 18, 2002 6:15 PM
> To: CF-Talk
> Subject: RE: filesystem security (was: Idea Incubator -
javax.imageio.Imag
> eReader)
>
> Holy s$%# Batman! did Dave and Matt just agree!?
>
>
> >>-Original Message
Well then, thank you both...as the show is always a great.
>>-Original Message-
>>From: Matt Liotta [mailto:[EMAIL PROTECTED]]
>>Sent: Thursday, July 18, 2002 9:14 PM
>>To: CF-Talk
>>Subject: RE: filesystem security (was: Idea Incubator -
>>ja
it's such a good show, we all learn by osmosis!
>>-Original Message-
>>From: Craig Thomas [mailto:[EMAIL PROTECTED]]
>>Sent: Thursday, July 18, 2002 9:27 PM
>>To: CF-Talk
>>Subject: RE: filesystem security (was: Idea Incubator -
>>javax.imageio.I
Please disregard my last post... I don't why I'm throwing myself into a
discussion I don't really have the time to read right now. :) I didn't
realize the conv. involved something other than cfhttp as a means of
retreiving html / images for the thumbnail.
Isaac
www.turnkey.to
954-776-0046
> Dav
Yes, but has anybody ever seen Matt and Dave in the same room together,
hmmm?
Jeff
-Original Message-
From: Matt Liotta [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18, 2002 9:14 PM
To: CF-Talk
Subject: RE: filesystem security (was: Idea Incubator -
javax.imageio.Imag eReader)
We
Sarsoun, Jeff wrote:
> Yes, but has anybody ever seen Matt and Dave in the same room together,
> hmmm?
Are you suggesting they are one and the same person with multiple
personalities?
Jochem
__
Signup for the Fusion Authority
; To: CF-Talk
> Subject: RE: filesystem security (was: Idea Incubator -
> javax.imageio.Imag eReader)
>
>
> We always agree... we just pretend like we at each other's throats for
> the entertainment of the list.
>
> Matt Liotta
> President & CEO
> Montara Soft
19 matches
Mail list logo
