RE: [Fusebox] auto redirecting straying sheep?

BOROVOY Noam Tue, 19 Sep 2000 05:46:55 -0700
P---lease,
It's been hashed to death - Application.cfm may be discouraged in the
fusebox docs - but mainly so as not to use it for setting global variables.
Using it for redirecting to index.cfm - security wise is the best.

        ----------
        From:  Tollervey [SMTP:[EMAIL PROTECTED]]
        Sent:  Tuesday, 19 September 2000 14:51
        To:  [EMAIL PROTECTED]
        Subject:  Re: [Fusebox] auto redirecting straying sheep?

        Application.cfm? This is Fusebox.
        ----- Original Message -----
        From: "BORKMAN Lee" <[EMAIL PROTECTED]>
        To: <[EMAIL PROTECTED]>
        Sent: Tuesday, September 19, 2000 4:25 AM
        Subject: RE: [Fusebox] auto redirecting straying sheep?


        > Try this snippet in your only Application.cfm (in your main
application
        > directory):
        >
        > <cfif findnocase("cfm",cgi.CF_TEMPLATE_PATH) and not
        > findnocase("index.cfm",cgi.CF_TEMPLATE_PATH)>
        > <cflocation url="index.cfm?badfile=yes">
        > </cfif>
        >
        > Straight from the FuseBox.org code,
        >
        > Lee (Bjork) Borkman
        > http://bjork.net ColdFusion Tags by Bjork
        >
        >
        > -----Original Message-----
        > From: David Harris [mailto:[EMAIL PROTECTED]]
        > Sent: Tuesday, September 19, 2000 1:11 PM
        > To: [EMAIL PROTECTED]
        > Subject: [Fusebox] auto redirecting straying sheep?
        >
        >
        > This is a multi-part message in MIME format.
        >
        > ------_=_NextPart_001_01C021DE.DCA0E7B1
        > Content-Type: text/plain;
        > charset="iso-8859-1"
        > Content-Transfer-Encoding: quoted-printable
        >
        > Has anyone included a cflocation in each fuse to ensure that
someone
        > isn't trying to squirrel their way into your app. I know the fuse
names
        > never reveal themselves to the end user, but as fusebox gains in
        > popularity, people will try to type app_globals or dsp_login just
to
        > see. All we need is to wrap it in a cfif that checks the referring
url,
        > I think. Better to be safe than sorry. Haven't tried it myself...
yet.
        >
        > David Harris
        > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
        > Consulara Technology Partners
        > 678-725-3824
        > [EMAIL PROTECTED]=20
        >
        > ------_=_NextPart_001_01C021DE.DCA0E7B1
        > Content-Type: text/html;
        > charset="iso-8859-1"
        > Content-Transfer-Encoding: quoted-printable
        >
        > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
        > <HTML>
        > <HEAD>
        > <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
        > charset=3Diso-8859-1">
        > <META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
        > 6.0.4368.4">
        > <TITLE>auto redirecting straying sheep?</TITLE>
        > </HEAD>
        > <BODY>
        > <!-- Converted from text/plain format -->
        >
        > <P><FONT SIZE=3D2>Has anyone included a cflocation in each fuse to
=
        > ensure that someone isn't trying to squirrel their way into your
app. I =
        > know the fuse names never reveal themselves to the end user, but
as =
        > fusebox gains in popularity, people will try to type app_globals
or =
        > dsp_login just to see. All we need is to wrap it in a cfif that
checks =
        > the referring url, I think. Better to be safe than sorry. Haven't
tried =
        > it myself... yet.</FONT></P>
        >
        > <P><FONT SIZE=3D2>David Harris</FONT>
        >
        > <BR><FONT SIZE=3D2>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</FONT>
        >
        > <BR><FONT SIZE=3D2>Consulara Technology Partners</FONT>
        >
        > <BR><FONT SIZE=3D2>678-725-3824</FONT>
        >
        > <BR><FONT SIZE=3D2>[EMAIL PROTECTED] </FONT>
        > </P>
        >
        > </BODY>
        > </HTML>
        > ------_=_NextPart_001_01C021DE.DCA0E7B1--
        >
--------------------------------------------------------------------------
        --
        > --
        > To Unsubscribe visit
        >
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
        > send a message to [EMAIL PROTECTED] with
'unsubscribe' in
        > the body.
        >
--------------------------------------------------------------------------
        ----
        > To Unsubscribe visit
        
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
        send a message to [EMAIL PROTECTED] with
'unsubscribe' in
        the body.


        
----------------------------------------------------------------------------
--
        To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: [Fusebox] auto redirecting straying sheep?

Reply via email to
