On a related note, I once came across a server in which the cf developers
had created the app in such a manner that all include code where in .inc
files.
You code just type www.server.com/login.inc and download the code. Not a
good idea.
Remember, just because you are "including" a file, other people might not .
Justin
>those on there, remove them immediately. While you're at it, if you're
>running IIS, make sure you don't have sample code, unnecessary ISAPI
>extensions, etc. for that. As for people accessing application.cfm and
>onrequestend.cfm directly, there isn't a huge amount of harm, as CF will
>return the message you've noticed in your logs, rather than executing any
>code.
>
>Dave Watts, CTO, Fig Leaf Software
>http://www.figleaf.com/
>voice: (202) 797-5496
>fax: (202) 797-5444
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
