A partial solution is to discard CFID/CFTOKEN values when HTTP_REFERER
is not local. That's what I do.
best, paul
At 10:46 AM 12/1/00 -0800, you wrote:
>I pasted the link below and it logged me on as Joseph Higgins.
>
>This seems to be a "real" problem with attaching the CFID/CFTOKEN on all
>links.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
