> So, somebody send me an example of what their CFC façade > looks like. Do you have to code a new method into the façade > every time you add a cfc, or is it completely dynamic where > you pass in the name of the cfc and the method you want etc > and your façade never has to change?
In the few cases where I've used them, they were static - I needed to edit them when I added new methods to the underlying CFC. However, you could provide additional control within the façade that you didn't have within the underlying CFC. For example, you could have a CFC that was written to be used generally, but a façade that only allows web service calls. > If someone was to successfully implement a source browsing > hack, they could potentially view files which were outside of > your www directory. And as far as keeping someone from > invoking your cfc. Why couldn't someone just invoke it > though the façade and then you are back at square one... Source code viewing exploits do not allow you to view anything that isn't accessible through the web server. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:228950 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
