- Others who have written about this problem have made the point that if your application uses a permanent cookie to identify you, and if you view a page on another site that "happens" to have links to your site, links you might not even see, WebAccelerator will execute those links. - They have also written that operations that change data "should" use "post" rather than get. - Unfortunately, for the many sites that use fusebox's FormURL2Attributes tag, it doesn't matter if you intended the data to be posted from a form. If a link contains the necessary information, the fusebox application will blithely accept the input as if it came from a form. - So, if you're logged in (either through current action in another window or by the magic of a cookie that remains on your browser to keep you from having to log in), then browsing other sites with WebAccelerator can be hazardous to your application; especially if you've ticked off anyone who has a general idea of how your application works. =Marty= R Martin Ladner [EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:206519 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
