A co-worker and I came up with this possible tool to conceal the names of
FuseActions, for even heightened security for the paranoid. It consists of
a custom tag to create a structure containing FuseActions and their
encrypted values, and a line to decrypt the passed FuseAction.
I haven't tested this code yet, we just whipped it up real quick and I
wanted to see what y'all thought of the idea - any merit?
<!--- Source of CF_SETFUSEACTIONS: --->
<CFPARAM NAME="Attributes.FuseActions" DEFAULT="">
<CFPARAM NAME="Attributes.Key" DEFAULT="KermitTheFrog">
<CFPARAM NAME="Attributes.Return" DEFAULT="S_FuseActions">
<CFSET S_FuseActions = StructNew()>
<CFLOOP LIST="#Attributes.FuseActions#" INDEX="FuseAction">
<CFSET SetVariable("S_FuseActions.#FuseAction#", Encrypt(FuseAction,
Attributes.Key))>
</CFLOOP>
<CFSET SetVariable("Caller.#Attributes.Return#", S_FuseActions)>
<!--- In the calling template: --->
<CF_SETFUSEACTIONS FUSEACTIONS="Login,Logout,Display" KEY="MyKey">
<CFOUTPUT><A HREF="default.cfm?F=#S_FuseActions.Login#">Login</A></CFOUTPUT>
<!--- At the top of the FuseBox (index.cfm) or app_globals.cfm : --->
<CFSET Attributes.FuseAction = Decrypt(Attributes.F,
Application.FuseActionKey)>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
