But I didn't understand what they put inside the cf_inputfilter that deleted
the cookie
whenever I closed the browser (although it was set to never).
did you happen to take a look at it?
btw: I thought the data in the cookie is encrypted, how does people suppose
to change it?
Thanks,
Michael
----- Original Message -----
From: "Dave Watts" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Sunday, July 08, 2001 9:04 AM
Subject: RE: KILL THE COOK!
> > Are you familier with Allair's CF_INPUTFILTER TAG?
> > that suppose to remove all special chars from being set and sent???
> >
> > <cf_inputFilter scopes="FORM,COOKIE,URL" chars="<,>,|,\,?,"
> > tags="ALL">
> >
> > This thing has caused the cookie to be deleted.
> > I've removed the COOKIE scope and it worked.
> >
> > god knows why did they put a cookie scope.
>
> They put a cookie scope in because cookies, like any other data sent from
> the client, can be manipulated by a malicious end-user.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
