Client variables with CFLOCATION behavior:
When using CFLOCATION to redirect to a path that contains .DBM or .CFM, the
Client.URLToken is automatically appended to the URL. This behavior can be
suppressed by adding the attribute ADDTOKEN="No" to the CFLOCATION tag.
This is an excerpt from
http://www.houseoffusion.com/cfdocs1/Developing_Web_Applications_with_ColdFu
sion/05_Using_the_Application_Framework/dwa05_07.htm
Hope this helps,
Natalie
-----Original Message-----
From: Chad [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 14, 2000 3:19 PM
To: [EMAIL PROTECTED]
Subject: session.basket URL
Im just starting to develop a E-commerce Shopping basket and i notice that
when i goto add product to my session.basket the persons CFID, and CFToken
are displayed in the URL.
i.e.
/outputsession.cfm?CFID=34&CFTOKEN=56471755
Is this normal? Is this a security risk?
BTW I am adding the product with a form.
----------------------------------------------------------------------------
--
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
