--- "McCollough, Alan" <[EMAIL PROTECTED]> wrote:
> I was pondering the following thought this
> morning...
>
> Thinking about security and Fusebox.
> Thinking that if somebody wanted to discern all of
> your CFINCLUDEd
> templates, all they need is a source view of
> index.cfm, which they could get
> easily by constructing their own page and (for
> Windows folks) right-clicking
> on the hyperlink to save the code locally, as in:
> <a href="www.foo.com/index.cfm">I'm gonna steal your
> code</a>
> Then they could read the code, and by using the same
> technique as above,
> ultimately get all of your source code.
how are you going to download a cfm source?
right click on the link and you get an html page
>
> Having never used CFCRYPT before, would it be an
> acceptible/worthwile
> measure to CFCRYPT index.cfm, thus preventing
> exposure of underlying CF
> templates?
>
> Alan McCollough
> Web Programmer
> Alaska Native Medical Center
>
------------------------------------------------------------------------------
> To Unsubscribe visit
>
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox
> or send a message to
> [EMAIL PROTECTED] with 'unsubscribe'
> in the body.
=====
Ken Beard, Developer
Stampede Network
Tampa, FL
(813)622-7655 ext.246
[EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
