> You could AND SHOULD secure NON-Fusebox sub-templates with
> something like the following:
>
> <cfif http_referrer does not contain "#server_name#">
>
> <cfabort>
>
> </cfif>
If you're concerned about security, you can't rely on HTTP_REFERER, which is
provided by the browser. Any data from the browser is subject to tampering.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
