Thanks for your suggestion.
Cody
_
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dusty Hale
Sent: Thursday, June 14, 2007 5:17 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] OT: Graphic Needed
I recently stumbled upon http://www.logoyes.com ... there
Cody
I have forwarded this request to a company that does graphic work for all the
companies I work for.
If he agrees I will hook you up with them.
Robert Lash
- Original Message -
From: Cody Wehunt
To: discussion@acfug.org
Sent: Thursday, June 14, 2007 3:38 PM
Subject: [ACFU
You could implement a queue for requests to ensure you never go over
concurrent sessions limit. Keep some stats on it for a while (i.e.
how often do all concurrent requests fill and how deep does the queue
get) and you'll be able to determine if you need more concurrent
licenses to meet th
I'm no CR SME, but looks like more concurrent license are needed. That or
design things to slow your users down a bit! ;)
DK
On 6/14/07, Mischa Uppelschoten ext 10 <[EMAIL PROTECTED]>
wrote:
CFMX 7.
I'm presenting customers with a page of links to their invoices. Every
invoice is a Crystal
I recently stumbled upon http://www.logoyes.com ... there is a tool to
quickly generate nice looking logos and the final version is delivered in
vector so can scale to any size. However, they charge $99 for the service.
Still a good cheap solution in my opinion.
D
_
From: [EMAIL PROTECT
CFMX 7.
I'm presenting customers with a page of
links to their invoices. Every invoice is
a Crystal report and opens in a new window.
If the user opens too many new windows too
quickly, some of them throw an error:
A Crystal
Reports job failed because a free license
could not be obtained
Hey everyone,
I am working on a site for a Kid's Swim Team. They are looking for a great
logo. Their name is the Heritage Farms Torpedos. I am working on the site
for them for free, but they need a logo. Anyone feel like donating some
time. Placing a link to your site should not be a proble
Thanks everyone for the response.
Ajas.
On 6/14/07, John Mason <[EMAIL PROTECTED]> wrote:
Very true.
Just want Ajas and others to know. We're not slamming you on this. It's a
good question. Like shawn said most of us have made these types of coding
solutions only to fine a bunch of problems
Very true.
Just want Ajas and others to know. We're not slamming you on this. It's a
good question. Like shawn said most of us have made these types of coding
solutions only to fine a bunch of problems at the end of the road. It's sort
of a "been there, done that" thing that we want you to avoid.
/me steps up on his soapbox
If you are a web developer, you need to understand HTTP. Buy the
O'Reilly book _HTTP_, read it. Learn it. Love it.
/me steps down off his soapbox
-dhs
P.S. Is a soapbox filled with web services? ;-)
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[T]he people c
Or he could take the same road that we've all been down before and crash in the
same spot we did. Sometimes that's a great way to learn. Why pay attention to
the wet paint sign when you can touch it for yourself and get dirty?
- Original Message
From: John Mason <[EMAIL PROTECTED]>
To:
I agree. The cgi variables are very unreliable. Ajas, you're not the first
to do this. Many people including myself have relied on cgi variables for
things (not just for security) and have been burn by them. It's a little
added work to do the login, but it will save you a lot of problems down the
r
Some A/V products come with personal proxies (I think Norton is one
of them) which strips the referer as do some proxies.
Like I said, you need a single sign-on solution. Something simple
will probably work based on what I have read so far.
-dhs
P.S. Shawn, I'd like mine to be foie_gras.
The HTTP spec does not require the browser to pass the referer.
Plain and simple. So it cannot be depended on since it will not
always exist.
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"To announce that there must be no criticism of the president, or
that we are to stand by the pre
How do you get it if it isn't there? I suppose that you could just make it up
if you liked. I'd make mine as coming from peanut_butter.cfm. As Dean stated,
it isn't always reliable. Type in a url or get to one through a bookmark and it
will be empty. I've seen them get stripped at firewalls as w
Hi Dean,
Thanks for the information. I understand the threat
cgi.HTTP_REFERER variable poses and also that its not safe to depend on any
client generated variables.
But lets say I want to know answers for these 2 questions, what would be the
answer i.e.
1) why the cgi.HTTP_REFERER
FWIW, the referer header is a great way to get information
disclosure. Its a great way to find previously unknown URLs just by
scraping referer logs. Can be used to track where someone has been
previously... fun stuff.
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"[T]he people can a
Referer is never a guaranteed value to be passed from the browser.
Don't ever depend on it. Besides, any client-controlled data, such
as headers, can be spoofed. I wouldn't ever have to login to your app.
You need a single sign-on solution that passes a random, non-
spoofable identifier b
Hi,
In one of my CF 7 applications say Appl A, I have a link to another
application Appl B. Appl B will allow user to access restricted pages in
case he is a referred user from Appl A. In the Application.cfm file of Appl
B, I have this code
Adobe MAX North America registration opened today.
http://www.adobemax2007.com/na/
Precia
-
Annual Sponsor FigLeaf Software - http://www.figleaf.com
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login
20 matches
Mail list logo
