Yah, as of right now, we have the <script> tags submitted in a form posts, and still they don't change in the other servers or the other instance. That is what I want to know if something triggers it and what exactly is this something.
Johnny >Not neccisarily, some fixes you have to apply to each instance. > >Anyway is it possible that the cross site scripting protection was not >triggered until now? >Has the <script> tag previously been submitted in form posts that you know >of ? > >Snake > >-----Original Message----- >From: Johnny Le [mailto:[EMAIL PROTECTED] >Sent: 28 September 2006 16:02 >To: CF-Talk >Subject: Re: CFMX and cross-site scripting attack? > >We have not. We talked about it but we haven't. Even if we did, both >instances on the same server should be affected, not just one. > >Johnny > >instance did this. >>So it looks like the global setting alone doesn't do it. There is >>something else that triggers the change. Could it be this and a >>combination of some settings in the IIS? I would greatly appreciate it >>if someone could shed some lights on it for me. >>Thank you. >> >>Johnny ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:254639 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
