Yep, thought about that a little while after I sent it - I'd add an IP check as well.
That's what I do, but I do it in the IIS administration, rather then the code. Only allow a given IP address permission to access the given resource(s). Assuming you have control of the IIS; obviously not something valid in hosted environments. -------------- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA --------- | 1 | | --------- Binary Sudoku | | | --------- "C code. C code run. Run code run. Please!" - Cynthia Dunning Confidentiality Notice: This message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and delete any copies of this message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:271905 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
