Hi, we do not block cfobject, it is less of an issue in CF9 than previous versions, it is CreateObject(java) that is more of an issue. I'm afraid it is a toss up, you go with a host that disables all the dangerous tags and work around it, safe in the knowledge that no-one else on the server can do anything dodgy either, or you go with a host that allows dangerous tags and take the risk. Any host should at least be using security sandboxes to lock down any takes that allow I/O access, if they have just turned them on and have not sand boxed, then they are extremely insecure and you should avoid them.
-- Russ Michaels www.cfmxhosting.co.uk : ColdFusion Hosting www.cfmldeveloper.com : ColdFusion developer community + free developer hosting www.michaels.me.uk : my blog www.cfsearch.com : ColdFusion search engine ** *skype me* : russmichaels ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:346755 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
