> > Any data from the browser is subject to tampering. You can't 
> > rely on HTTP_REFERER - that's sent by the browser, and thus 
> > subject to the same sort of tampering as the form fields.
> 
> Then can you suggest the best way of tackling this situation...
> 
>  - website, basket and pre-checkout on one server
>  - basket or orders table in database, each basket record tied to a
> session.userid value
>  - secure payment area / checkout on another server
>  - no database access from secure server to database on main 
> website server
> 
> How can you make the basket / orders data tied to a user, 
> together with the prices for the products, accessible to the 
> checkout section without including them as hidden form fields 
> which, obviously, can be tampered with?
> 
> I've seen one solution where a text file was written on the 
> unsecure server and the filename passed as a form field to the 
> secure area. The checkout just CFHTTPed the text file, parsed 
> out the order / product data and displayed the totals... not 
> an ideal way of doing it but seemed reasonably effective.

As in your example, you'd have to use CFHTTP or some other communication
mechanism between your CF server (as the client) and the payment server.
That's really the only way.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
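A minimal model of the approach described above, added here as an example (it is not code from the thread, and it is Python rather than ColdFusion): the browser carries only an opaque basket reference, and the checkout server fetches the authoritative basket lines server-to-server, ignoring any prices or totals the browser submits. `main_server_fetch` stands in for the CFHTTP request to the main website server; the catalog, baskets and form are constructed sample data.

```python
import secrets
from decimal import Decimal

# Constructed sample data standing in for the main website's product and basket tables.
CATALOG = {"SKU-1": Decimal("19.99"), "SKU-2": Decimal("5.00")}
BASKETS = {}  # basket_ref -> {"user": session user id, "items": {sku: qty}}


def create_basket_ref(user_id, items):
    """Main server: store the basket tied to the user and give the browser only an
    unguessable reference (never the prices or the total)."""
    ref = secrets.token_urlsafe(24)
    BASKETS[ref] = {"user": user_id, "items": dict(items)}
    return ref


def main_server_fetch(ref):
    """Main server endpoint called server-to-server by the checkout (the CFHTTP
    target in the thread). Returns authoritative (sku, qty, unit price) lines, or
    None if the reference is unknown."""
    basket = BASKETS.get(ref)
    if basket is None:
        return None
    return [(sku, qty, CATALOG[sku]) for sku, qty in basket["items"].items()]


def checkout_total(form):
    """Checkout server: the only form field it trusts is the opaque reference.
    Any browser-supplied 'total' or price fields are discarded and the amount is
    recomputed from the main server's data."""
    ref = form.get("basket_ref", "")
    lines = main_server_fetch(ref)
    if lines is None:
        raise ValueError("unknown basket reference")
    return sum(qty * price for _, qty, price in lines)


if __name__ == "__main__":
    ref = create_basket_ref(user_id=42, items={"SKU-1": 2, "SKU-2": 1})
    # The browser posts a tampered total alongside the reference; it is ignored.
    print(checkout_total({"basket_ref": ref, "total": "0.01"}))  # 44.98
```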
