Not if the files being uploaded are things like images, or text files.
Requests for those file types aren't routed through ColdFusion. Instead
the webserver hands the files directly back to the user.
Options:
1) Store the files outside of the webroot and only allow programmatic
access via
first of all, users should not be able to upload files below the web root.
that is a dangerous thing to offer to them.
What are you defining as right credentials? If a user can create
directories and upload files using some ftp client then there are a number
of things you can do to make sure each
: application.cfc for security
Not if the files being uploaded are things like images, or text files.
Requests for those file types aren't routed through ColdFusion. Instead
the webserver hands the files directly back to the user.
Options:
1) Store the files outside of the webroot and only allow
, October 09, 2009 2:45 PM
To: cf-talk
Subject: RE: application.cfc for security
Not if the files being uploaded are things like images, or text files.
Requests for those file types aren't routed through ColdFusion. Instead
the webserver hands the files directly back to the user.
Options:
1
4 matches
Mail list logo
