My client is using CF5.0 on a win box, could you explain the process of adding target/remote web server as a trusted referring server?
"add the BofA server as a trusted referring server and everything will magically work."
Another question, does this technique apply to most https problem with cfhttp tag or only applicable to certain situation?
Thanks.
Don
>Check the archives for "Bank of America", but in a nutshell:
>
>BofA requires that you have a list of trusted referrers. You'll find
>the BofA server is going to ignore your header assignment. So add the
>BofA server as a trusted referring server and everything will magically
>work. Nice security, huh? I did this as a temp workaround until BofA
>tech staff came back with the same solution; making it permanent.
>
>Don't they have an XML-based system now that doesn't require this
>malarkey? And if you are on CF 6+ you should be able to use their
>COM-based system (assuming COM works, of course). I was running CF 4.5
>at the time so I couldn't go there.
>
>--------------------------------------------
> Matt Robertson [EMAIL PROTECTED]
> MSB Designs, Inc. http://mysecretbase.com
>--------------------------------------------
>
>-----Original Message-----
>From: Mark Muellers [mailto:[EMAIL PROTECTED]
>Sent: Thursday, February 05, 2004 5:22 PM
>To: CF-Talk
>Subject: Re:Bank of America estores, cfhttp, http_referer, troubles
>
>
>Andrea,
>
>I'm also having the same problem. I'd HUGELY appreciate if you would
>share how you solved this problem.
>
>Thanks in advance,
>Mark
>
>>I am trying to set up our new estores code for credit card processing.
>I
>>have been using authorize.net in the past and never had any problems
>with
>>cfhttp.
>>
>>However, now I keep getting a message from Bank of America saying:
>>
>>"IOC_reject_description=The site that originated the order request is
>not
>>authorized to POST transactions."
>>
>>I have confirmed that I have put my site domain and IP into their
>management
>>configuration setup, so it's not that.
>>
>>I know people have mentioned problems with the fact that Bank of
>America
>>requires you to send an http_referer header, which I have been trying
>to do
>>using cfhttpparam. Here is my code:
>>
>><CFHTTP URL=""> >useragent="Mozilla/4.0
>>(compatible; MSIE 5.5; Windows NT 5.0)" METHOD="post"
>throwonerror="Yes"
>>resolveurl="Yes" port="443">
>> <CFHTTPPARAM NAME="http_referer" TYPE="CGI"
>>value="http://community.cancersource.com">
>> <CFHTTPPARAM NAME="ioc_merchant_id" TYPE="FormField"
>>VALUE="#ioc_merchant_id#">
>> <CFHTTPPARAM NAME="ioc_order_total_amount"
>TYPE="FormField"
>TYPE="FormField"
>TYPE="FormField"
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
