-
From: Sean Corfield [mailto:seancorfi...@gmail.com]
Sent: 17 November 2010 01:48
To: cf-talk
Subject: Re: CF Blog software
On Sat, Nov 13, 2010 at 4:19 AM, Russ Michaels r...@michaels.me.uk wrote:
This new function
It's not a function :)
I read your email and thought What new function? Why
On Sat, Nov 13, 2010 at 4:19 AM, Russ Michaels r...@michaels.me.uk wrote:
This new function
It's not a function :)
I read your email and thought What new function? Why can't Russ be
more specific? :)
So now CFML has a 'new' keyword that works just like 'new' in other languages:
a = new
Message-
From: James Holmes [mailto:james.hol...@gmail.com]
Sent: 14 November 2010 01:43
To: cf-talk
Subject: Re: CF Blog software
http://help.adobe.com/en_US/ColdFusion/9.0/Developing/WS61C07B60-3D65-4d71-8
F2A-8411D8010E60.html
--
WSS4CF - WS-Security framework for CF
http
This new function
-Original Message-
From: Sean Corfield [mailto:seancorfi...@gmail.com]
Sent: 13 November 2010 07:44
To: cf-talk
Subject: Re: CF Blog software
On Thu, Nov 11, 2010 at 1:40 AM, Russ Michaels r...@michaels.me.uk wrote:
could we have an example ?
An example of what
: Sean Corfield [mailto:seancorfi...@gmail.com]
Sent: 13 November 2010 07:44
To: cf-talk
Subject: Re: CF Blog software
On Thu, Nov 11, 2010 at 1:40 AM, Russ Michaels r...@michaels.me.uk wrote:
could we have an example ?
An example of what?
--
Sean A Corfield -- (904) 302-SEAN
Railo
On Thu, Nov 11, 2010 at 1:40 AM, Russ Michaels r...@michaels.me.uk wrote:
could we have an example ?
An example of what?
--
Sean A Corfield -- (904) 302-SEAN
Railo Technologies, Inc. -- http://getrailo.com/
An Architect's View -- http://corfield.org/
If you're not annoying somebody, you're
could we have an example ?
On Thu, Nov 11, 2010 at 2:21 AM, Sean Corfield seancorfi...@gmail.comwrote:
On Wed, Nov 10, 2010 at 8:39 AM, Adrocknaphobia
adrocknapho...@gmail.com wrote:
Of course, if this is CF9, you can replace all the createObject() calls
by
using the 'new' keyword.
Thus the previous discussion on sandbox security etc
-Original Message-
From: Sean Corfield [mailto:seancorfi...@gmail.com]
Sent: 10 November 2010 00:37
To: cf-talk
Subject: Re: CF Blog software
Mango Blog is great but it won't run on a ColdFusion host that restricts CFC
creation
I am currently evaluating Amazon's EC3 free tier (613 megs ram, 10 gig HD
space and a single core 2.66GHz processor) and right now I have an instance
running on a bare bone Centos 5.4 64 bit install with Railo, Apache 2.2,
Tomcat, Mysql and WebMin and it is running like a top. I still have a
Of course, if this is CF9, you can replace all the createObject() calls by
using the 'new' keyword. Sorry to be a walking advertisement, but ColdFusion
Builder refactoring will make that task very easy.
-Adam
On Tue, Nov 9, 2010 at 2:11 PM, Raymond Camden rcam...@gmail.com wrote:
To Dave's
.
-Original Message-
From: Adrocknaphobia [mailto:adrocknapho...@gmail.com]
Sent: 10 November 2010 16:40
To: cf-talk
Subject: Re: CF Blog software
Of course, if this is CF9, you can replace all the createObject() calls by
using the 'new' keyword. Sorry to be a walking advertisement, but ColdFusion
It would be a bit more complicated than that surely, as you are not just
replacing a word, you are replacing a function call and all its arguments
with a tag and all its parameters, and as each instance will not be the name
it doesn't seem like something you could easily automate.
Not
, CreateObject()?? Go
to CrystalTech for a few bucks a quarter or something.
From: Ben Forta b...@forta.com
Sent: Tuesday, November 09, 2010 11:37 AM
To: cf-talk cf-talk@houseoffusion.com
Subject: Re: CF Blog software
Change hosting companies. Really.
--- Ben
You could with regex support, and I can't recall if refactoring supports it
or not..
Regards,
Andrew Scott
http://www.andyscott.id.au/
-Original Message-
From: Russ Michaels [mailto:r...@michaels.me.uk]
Sent: Thursday, 11 November 2010 6:24 AM
To: cf-talk
Subject: RE: CF Blog
On Wed, Nov 10, 2010 at 8:39 AM, Adrocknaphobia
adrocknapho...@gmail.com wrote:
Of course, if this is CF9, you can replace all the createObject() calls by
using the 'new' keyword.
Interesting. So if cfobject and createObject() are completed blocked
by sandbox security on CF9 Enterprise, new
Change hosting companies. Really.
--- Ben
(Sent from my Flash enabled Android device)
On Nov 9, 2010 2:35 PM, DURETTE, STEVEN J (ATTASIAIT) sd1...@att.com
wrote:
Hi all,
So I haven't blogged in about a year because of different issues with my
website provider... Any how I'm looking to
Steve,
One should at least explain why hosts disable those tags.
They are all dangerous tags that provide IO access and the host is probably
just be cautious. If these were just enabled by default then the server
could be hacked in about 5 seconds.
However some of those tags should be allowed
@houseoffusion.com
Subject: Re: CF Blog software
Change hosting companies. Really.
--- Ben
(Sent from my Flash enabled Android device)
On Nov 9, 2010 2:35 PM, DURETTE, STEVEN J (ATTASIAIT) sd1...@att.com
wrote:
Hi all,
So I haven't blogged in about a year because of different issues with my
website provider
Some of those are reasonable, but CFCONTENT, CFDUMP, CreateObject()?? Go
to CrystalTech for a few bucks a quarter or something.
CFCONTENT and CreateObject both have serious security implications.
Russ knows better than me about sandboxing, but those tags and
functions shouldn't be allowed
...@figleaf.com
Sent: Tuesday, November 09, 2010 12:49 PM
To: cf-talk cf-talk@houseoffusion.com
Subject: Re: CF Blog software
Some of those are reasonable, but CFCONTENT, CFDUMP, CreateObject()??
Go
to CrystalTech for a few bucks a quarter or something.
CFCONTENT and CreateObject both have serious
On 11/9/2010 9:54 AM, Jason Fisher wrote:
Granted they shouldn't have unrestricted access, but I would argue that you
should be able to call them within your own application or else the ability
to build complex applications begins to be pretty well hampered, no?
Well, true. But hosting
, but
Crystaltech has been outstanding and I've been on them for years now
without issue.
From: Ian Skinner h...@ilsweb.com
Sent: Tuesday, November 09, 2010 1:02 PM
To: cf-talk cf-talk@houseoffusion.com
Subject: Re: CF Blog software
On 11/9/2010 9:54 AM, Jason Fisher
space, but I get 2
mysql dbs and 1 mssql plus CF7. It works out to 9.95 a month and I
can't afford more than that.
Steve
-Original Message-
From: Ben Forta [mailto:b...@forta.com]
Sent: Tuesday, November 09, 2010 11:37 AM
To: cf-talk
Subject: Re: CF Blog software
Change hosting companies
Granted they shouldn't have unrestricted access, but I would argue that you
should be able to call them within your own application or else the ability
to build complex applications begins to be pretty well hampered, no?
Yes, the ability to build complex applications may well be hampered in
a
than that.
Steve
-Original Message-
From: Ben Forta [mailto:b...@forta.com]
Sent: Tuesday, November 09, 2010 11:37 AM
To: cf-talk
Subject: Re: CF Blog software
Change hosting companies. Really.
--- Ben
(Sent from my Flash enabled Android device
Sounds like it's ttime to change who you host with. How are they blocking
CFC instantiation like that?
Sent from my Droid
On Nov 9, 2010 10:36 AM, DURETTE, STEVEN J (ATTASIAIT) sd1...@att.com
wrote:
Hi all,
So I haven't blogged in about a year because of different issues with my
website
of the changes that the
tutorial suggested weren't even there anymore.
Steve
-Original Message-
From: Sean Corfield [mailto:seancorfi...@gmail.com]
Sent: Tuesday, November 09, 2010 1:19 PM
To: cf-talk
Subject: Re: CF Blog software
Take a look at Alurium. They offer shared hosting for about
Sounds like it's ttime to change who you host with. How are they blocking
CFC instantiation like that?
I didn't see CFINVOKE on the list, so you could use that to create CFC
instances (assuming the CFCs have an init method that returns an
instance of the CFC). Of course, that doesn't really
Any ideas on cf blogging software I can use? Any tutorials on dumbing
down the current options to make them work? I found a tutorial for
blogcfc but it was so many versions back, some of the changes that the
tutorial suggested weren't even there anymore.
I haven't worked with BlogCFC so
There are indeed inherent risks and limitations with shared hosting. But
there are solutions, including ones less expensive than dedicated hosting.
Sandboxing is one option, although not an absolutely perfect one.
The preferred option (these days) is the one Dave mentioned, visualization,
where
Hey Dave,
CFCONTENT and CreateObject both have serious security implications.
I know all about CreateObject's security risks from a hosting perspective,
but I've never heard of an issue with CFCONTENT (I'm not doubting you, I'm
just curious what the issues are.)
=]
On Tue, Nov 9, 2010 at 11:33
I know all about CreateObject's security risks from a hosting perspective,
but I've never heard of an issue with CFCONTENT (I'm not doubting you, I'm
just curious what the issues are.)
It can be used to download any file that the CF service has permission
to access, including sensitive
Ah, that does make sense. Thanks Dave!
=]
On Tue, Nov 9, 2010 at 11:56 AM, Dave Watts dwa...@figleaf.com wrote:
I know all about CreateObject's security risks from a hosting
perspective,
but I've never heard of an issue with CFCONTENT (I'm not doubting you,
I'm
just curious what the
To Dave's suggestion of replacing createObject w/ cfinvoke - I believe
(stress - believe) other BlogCFC users have done it in the past. It
isn't officially supported by BlogCFC, Inc (aka me) but I believe it
can be done.
On Tue, Nov 9, 2010 at 12:59 PM, Alan Rother alan.rot...@gmail.com wrote:
I believe the issue is with createobject using Java, COM and CORBA and not
create object(component)
From the OP:
CreateObject(COM)
CreateObject(CORBA)
CreateObject(JAVA)
Another option would be http://hostek.com/. They have cheap plans and
support everything except CFREGISTRY and CFEXECUTE. But
I believe the issue is with createobject using Java, COM and CORBA and not
create object(component)
From the OP:
CreateObject(COM)
CreateObject(CORBA)
CreateObject(JAVA)
The problem as I recall is that there wasn't a way to exclude one
specific type of CreateObject call. Again, though,
. The problem as I recall is that there wasn't a way to exclude one
specific type of CreateObject call.
Actually, you can lock it down by the type: COM, Java, CORBA, .Net (c8 +)
and Webservice or you can disable the entire function.
This is on CF 8 standard so it is server wide. No sandbox
Actually, you can lock it down by the type: COM, Java, CORBA, .Net (c8 +)
and Webservice or you can disable the entire function.
This is on CF 8 standard so it is server wide. No sandbox support on
standard but I assume (a dangerous thing to do with Mr. Watts here ;) ) that
it would behave
without sandboxing (cf enterprise required) if all tags are enabled, any
user can read/write files anywhere on the server. Even if lockdown
procedures arr used, coldfusion will at bare allow all users access to each
others sites even if not the whole server.
Any other customers on the server can
: Wednesday, 10 November 2010 6:27 AM
To: cf-talk
Subject: Re: CF Blog software
I believe the issue is with createobject using Java, COM and CORBA and not
create object(component)
From the OP:
CreateObject(COM)
CreateObject(CORBA)
CreateObject(JAVA)
Another option would be http
On Tue, Nov 9, 2010 at 9:44 PM, Andrew Scott wrote:
And what surprised me was cfdump is one, because of the way it is
implemented.
cfdump internally uses createObject(java, ...) so it isn't as much
that cfdump iself is disallowed as that you can't use it when Java
objects have been disabled.
On Tue, Nov 9, 2010 at 5:35 PM, DURETTE, STEVEN J (ATTASIAIT) wrote:
my provider restricts a bunch of tags (below)
Most of the restrictions are reasonable for a shared host that wants
to provide a modicum of security. In a properly configured Sandbox
cfcontent, cflog and setProfileStrng could
CreateObject(com) is very dangerous and should never be enabled on a shared
server. DANGER will Robinson.
All the sandbox does is either enable or disable this function, as your
calling a COM object which has nothing to do with JAVA it is run totally
outside of the sandbox permissions. Again it
donation type of stuff. So it's all out of pocket for me
which is why I go for the bare minimum.
Steve
-Original Message-
From: Jochem van Dieten [mailto:joch...@gmail.com]
Sent: Tuesday, November 09, 2010 3:53 PM
To: cf-talk
Subject: Re: CF Blog software
On Tue, Nov 9, 2010 at 5:35 PM
: CF Blog software
On Tue, Nov 9, 2010 at 5:35 PM, DURETTE, STEVEN J (ATTASIAIT) wrote:
my provider restricts a bunch of tags (below)
Most of the restrictions are reasonable for a shared host that wants
to provide a modicum of security. In a properly configured Sandbox
cfcontent, cflog
: DURETTE, STEVEN J (ATTASIAIT)
Sent: Tuesday, November 09, 2010 4:07 PM
To: cf-talk
Subject: RE: CF Blog software
Yes, but you are assuming commercial hosting. I host my own website
(non-commercial) and the website for a club at the local community
college.
Neither generates money so cost
few
months. I wanted something I could use now and look at new hosting in
the future.
Steve
-Original Message-
From: DURETTE, STEVEN J (ATTASIAIT)
Sent: Tuesday, November 09, 2010 4:07 PM
To: cf-talk
Subject: RE: CF Blog software
Yes, but you are assuming commercial hosting. I
Yes I am fully aware of that, which is why I stated the way it was
implemented.
Regards,
Andrew Scott
http://www.andyscott.id.au/
-Original Message-
From: Jochem van Dieten [mailto:joch...@gmail.com]
Sent: Wednesday, 10 November 2010 7:52 AM
To: cf-talk
Subject: Re: CF Blog
I am running mangoBlog on Railo
http://www.mangoblog.org/
http://www.mangoblog.org/
On 10 November 2010 02:25, DURETTE, STEVEN J (ATTASIAIT) sd1...@att.comwrote:
Thanks, I will look at them (I have no experience with Railo), but I am
pre-paid for a few months, so...
Any ideas on cf
So am I and I have no complaints.
Dave McGraw
Oyova Software, LLC
http://www.oyova.com
On Tue, Nov 9, 2010 at 6:27 PM, AJ Mercer ajmer...@gmail.com wrote:
I am running mangoBlog on Railo
http://www.mangoblog.org/
http://www.mangoblog.org/
On 10 November 2010 02:25, DURETTE, STEVEN J
Mango Blog is great but it won't run on a ColdFusion host that restricts CFC
creation...
On Tue, Nov 9, 2010 at 3:27 PM, AJ Mercer ajmer...@gmail.com wrote:
I am running mangoBlog on Railo
http://www.mangoblog.org/
http://www.mangoblog.org/
Ii don't think many hosts prohibit CreateObject('component'), they're
after the java/com/corba flavors. CreateObject('java') is mighty
useful though; not sure if Mango uses it or not.
Dave
On Tue, Nov 9, 2010 at 7:36 PM, Sean Corfield seancorfi...@gmail.com wrote:
Mango Blog is great but it
On Feb 2, 2008 12:15 AM, Charlie Griefer [EMAIL PROTECTED] wrote:
not so much plug-innable skins... but peruse the various cf blogs
out there (just go to http://coldfusionbloggers.org/). most of them
are using blogCFC (if not most... a lot). you'll see the various
layouts/designs.
It's
BlogCFC is flat out awesome! I have been running it since day 1 and have not
looked back.
http://blogcfc.riaforge.org/
Dan Vega
http://www.danvega.org/blog/
On Feb 1, 2008 12:58 PM, Robert Harrison [EMAIL PROTECTED] wrote:
Does anyone know of any good CF blog site software products. I need to
You might also look into Mango blog. The user interface in the admin area is
far more friendly and appealing than BlogCFC. I'm sure they both do the same
things, but Mango blog just looks a little easier to use.
-Original Message-
From: Robert Harrison [mailto:[EMAIL PROTECTED]
Sent:
[mailto:[EMAIL PROTECTED]
Sent: Friday, February 01, 2008 1:04 PM
To: CF-Talk
Subject: Re: CF Blog Software
BlogCFC is flat out awesome! I have been running it since day 1 and have not
looked back.
http://blogcfc.riaforge.org/
Dan Vega
http://www.danvega.org/blog/
On Feb 1, 2008 12:58 PM
@Andy -
Its not whats on the outside that counts! haha.. j/k
Dan
On Feb 1, 2008 1:56 PM, Andy Matthews [EMAIL PROTECTED] wrote:
You might also look into Mango blog. The user interface in the admin area
is
far more friendly and appealing than BlogCFC. I'm sure they both do the
same
things,
As a general hint, you may also want to try the ColdFusion category at
RIAForge (www.riaforge.org). It is a good place to find answers to
questions like this.
On Feb 1, 2008 12:56 PM, Andy Matthews [EMAIL PROTECTED] wrote:
You might also look into Mango blog. The user interface in the admin area
Are there various skins available for BlogCFC?
Rick
-Original Message-
From: Raymond Camden [mailto:[EMAIL PROTECTED]
Sent: Friday, February 01, 2008 2:39 PM
To: CF-Talk
Subject: Re: CF Blog Software
As a general hint, you may also want to try the ColdFusion category at
RIAForge
in a skin.
On Feb 1, 2008 3:55 PM, Rick Faircloth [EMAIL PROTECTED] wrote:
Are there various skins available for BlogCFC?
Rick
-Original Message-
From: Raymond Camden [mailto:[EMAIL PROTECTED]
Sent: Friday, February 01, 2008 2:39 PM
To: CF-Talk
Subject: Re: CF Blog Software
I am not sure if there are are made specifically for BlogCFC as it has been
a year or so since I set mine up. I had no problem porting a free template
from to work with BlogCFC. Even if you have nominal CSS chops it shouldn't
take more than an hour or 2 to get your head around skinning BlogCFC.
I
61 matches
Mail list logo