Perhaps you are right, Dave. And Matt.

I'm going to run over to the "Is Flash really that good" thread to tell them that 
using Flash solves this issue.

-Igor 

-----Original Message-----
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: Monday, June 23, 2003 3:31 PM
To: CF-Talk
Subject: RE: CFMX Form Submission Hacking.


> It's secure enough to the point where only somebody who can 
> rewrite the raw HTTP header to look like the one on my 
> servers, is able to get a hack through. This is hard enough 
> to do, and enough of a rare case, that if they did that, I'm 
> sure the admins would eventually (if not immediately) notice 
> the discrepancy (as it is calculated on the admin side), and 
> void the transaction. I'm trying to avoid this happening on a 
> large scale.

I think you're overestimating the difficulty of rewriting HTTP headers. I
think you're also underestimating the population of computer criminals.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444

