Testing...
--
--
Ninety percent of the politicians give the other ten percent a bad
reputation. Henry Kissinger
This thing is on.
On Tue, Jun 25, 2013 at 10:32 AM, Rick Faircloth
r...@whitestonemedia.comwrote:
Testing...
--
--
Ninety percent of the
Got it.
Sent from my iPhone 4S.
On Jun 25, 2013, at 10:32 AM, Rick Faircloth r...@whitestonemedia.com wrote:
Testing...
--
--
Ninety
Thanks, Bruce...
On Tue, Jun 25, 2013 at 10:33 AM, Bruce Sorge sor...@gmail.com wrote:
Got it.
Sent from my iPhone 4S.
On Jun 25, 2013, at 10:32 AM, Rick Faircloth r...@whitestonemedia.com
wrote:
Testing...
--
Hi, all...
I've been writing code for every project I've worked on for the last 10+
years.
I did that purposefully to make myself work in a manner which would,
hopefully,
not cause me to rely on known practices because they were familiar and
understood, but always strive to discover better ways
Live mic
Until Later!
C. Hatton Humphrey
http://www.eastcoastconservative.com
Every cloud does have a silver lining. Sometimes you just have to do some
smelting to find it.
On Tue, Jun 25, 2013 at 10:32 AM, Rick Faircloth
r...@whitestonemedia.comwrote:
Testing...
--
if you use EXTENDS, then everything in the parent CFC is available tot he
child.
If you want libraries to use on multiple sites, then you would need to put
the components in a central location and then adding a mapping to them.
On Tue, Jun 25, 2013 at 4:01 PM, Rick Faircloth
Boy, traffic must be really slow...
On Tue, Jun 25, 2013 at 10:33 AM, John M Bliss bliss.j...@gmail.com wrote:
This thing is on.
On Tue, Jun 25, 2013 at 10:32 AM, Rick Faircloth
r...@whitestonemedia.comwrote:
Testing...
--
Alright, that's the confirmation I needed to proceed. So, use 'extends it
is!
Thanks,
Rick
On Tue, Jun 25, 2013 at 11:21 AM, Russ Michaels r...@michaels.me.uk wrote:
if you use EXTENDS, then everything in the parent CFC is available tot he
child.
If you want libraries to use on multiple
Hang on a minute. If I understand this correctly
So, how do I make the variables from application.cfc available to
contact.cfc under
such a scenario? Does the extends functionality of cfc's solve this?
... you're thinking about adding `extends=Application` to your
contact.cfc? If
I have to agree with Matt. You are setting yourself up for a dependency
nightmare if your cfc functions do not encapsulate their logic.
On Tue, Jun 25, 2013 at 10:50 AM, Matt Quackenbush quackfu...@gmail.comwrote:
Hang on a minute. If I understand this correctly
So, how do I make the
taking best practices into consideration is a whole different matter, but
his original post implied he just wants to keep his existing code.
Having global functions in your application.cfc is pretty common evrn if
not a best practice.
Russ Michaels
www.michaels.me.uk
On 25 Jun 2013 16:54, Brian
However, the contact.cfc has to reference variables setup in the
application.cfc, which exists inside the website root. Unless I place
the application.cfc in the same folder as contact.cfc, it doesn't work.
So, how do I make the variables from application.cfc available to
contact.cfc under
On Tue, Jun 25, 2013 at 12:04 PM, Dave Watts dwa...@figleaf.com wrote:
In general, you don't want to use Application.cfc as the parent class
for any other class except another Application.cfc - for example, in a
subdirectory of the parent application. You don't want to use it as
the parent
Hi. My server just stopped handling reqs for a second and I got alerted.
When I checked to see what was running, I saw a long-ish running req for:
index.cfm?
-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%2
Your understanding is correct, Matt, but I don't see how your
example is relevant.
In my application.cfc, I've got a line that sets an application variable:
cfset application.siteShortDomain = myShortDomain.com
I need that application.siteShortdomain variable available when contact.cfc
runs.
Dave:
Is contact.cfc part of the same application as the Application.cfc
where the variables are defined?
No, I'm trying to figure out a way to have a common library of cfc's, js,
etc.,
that websites I build can reference.
I saw in other places around the Internet that it's best to keep code
You do it exactly like I said you do it: Pass it in as either an argument
or a property. When you instantiate your contact.cfc, you pass in
everything it needs from outside in order to do its job.
The example I gave is completely relevant, albeit not an example of your
exact situation. I don't
Hi. My server just stopped handling reqs for a second and I got alerted. When I
checked to see what was running, I saw a long-ish running req for:
index.cfm?
-d+allow_url_include%3Don+-d+safe_mode%3Doff+-d+suhosin.simulation%3Don+-d+disable_functions%3D%22%2
In my application.cfc, I've got a line that sets an application variable:
cfset application.siteShortDomain = myShortDomain.com
I need that application.siteShortdomain variable available when contact.cfc
runs.
So, how would I go about this?
From within any file that's part of that
On Tue, Jun 25, 2013 at 12:56 PM, John Bliss wrote:
- what that req is supposed to do?
- how to be sure to block it?
First result via Google for that string:
Plesk 0-day Remote Vulnerability in the Wild
http://blog.sucuri.net/2013/06/plesk-0-day-remote-vulnerability-in-the-wild.html
I don't have PHP installed so I guess I'm not vulnerable, right?
Any idea how to have CF (or IIS) auto-kill requests like this?
On Tue, Jun 25, 2013 at 1:09 PM, Cameron Childress camer...@gmail.comwrote:
On Tue, Jun 25, 2013 at 12:56 PM, John Bliss wrote:
- what that req is supposed to
Thanks for the heads up. I know some people that use plesk
On Tue, Jun 25, 2013 at 1:16 PM, John M Bliss bliss.j...@gmail.com wrote:
I don't have PHP installed so I guess I'm not vulnerable, right?
Any idea how to have CF (or IIS) auto-kill requests like this?
On Tue, Jun 25, 2013 at
With AJAX-accessed cfc's you really need them under your web root. CF
mappings won't work with those. Creating a virtual dir in your web server
pointing to the cfc location will do the trick.
On Wed, Jun 26, 2013 at 1:58 AM, Dave Watts dwa...@figleaf.com wrote:
In my application.cfc, I've
From within any file that's part of that application, you can directly
reference application.siteShortDomain:
cfoutput#application.siteShortDomain#/cfoutput
Any file within the same directory, or any subdirectories that don't
have their own Application.cfc or Application.cfm files, are
Matt, just participate in the conversation without being asinine about it.
I haven't asked anyone to write my code for me. Just looking
for some guidance as to the correct approach.
So, offer your advice in a friendly manner, if you're going to offer
it at all.
On Tue, Jun 25, 2013 at 12:56
Thanks, Azadi...
I was afraid that or creating CF Admin mappings might end up being
the answer. I was trying to find a way of accessing the variables without
a lot of setup for each website. But, virtual directories won't be that much
to do, since the virtual directories will be the same for
sigh I did. And you flatly stated that my example is (not) relevant. I
was merely pointing out - mostly for those who happen upon this thread
later, since they'll hopefully read and comprehend - that your assessment
is flatly wrong.
Good luck.
On Tue, Jun 25, 2013 at 2:24 PM, Rick Faircloth
Well, the good news is that I can include the application variables in the
AJAX post and pass them into the contact.cfc (which is also out of the
webroot and in the library) via the AJAX call to contact.cfc.
The bad news is, I have to type all those application variables into every
AJAX call.
sigh No, Matt... I didn't say your example is (not) relevant.
I stated, I don't see how your example is relevant.
See the difference? I put the fault on my part for not understanding your
example.
Your example may be perfectly relevant, but I couldn't see how.
I think you just misread my
Fair 'nuff. :-)
On Tue, Jun 25, 2013 at 3:11 PM, Rick Faircloth r...@whitestonemedia.comwrote:
sigh No, Matt... I didn't say your example is (not) relevant.
I stated, I don't see how your example is relevant.
See the difference? I put the fault on my part for not understanding your
IIS 7 has a rewrite module that you could null route this type of request
based on a regex.
Byron Mann
Lead Engineer Architect
HostMySite.com
On Tue, Jun 25, 2013 at 1:16 PM, John M Bliss bliss.j...@gmail.com wrote:
I don't have PHP installed so I guess I'm not vulnerable, right?
Any
In your first code example the QuestionSetID1 input isn't closed /. It's
possibly your browser could be merging that element and the next one together
so it appears that QuestionUUID1 is not in the post.
Be grateful if another set of eyes could look at this please as I can't see
an issue with
Using IIS 6. Any other ideas?
On Tue, Jun 25, 2013 at 3:26 PM, Byron Mann byronos...@gmail.com wrote:
IIS 7 has a rewrite module that you could null route this type of request
based on a regex.
Byron Mann
Lead Engineer Architect
HostMySite.com
On Tue, Jun 25, 2013 at 1:16 PM, John M
Rick,
I don't know if this will help, but I've read about people creating
proxy CFCs in or below the webroot specifically for AJAX requests.
Those proxy CFCs either extend the protected CFCs (the ones outside
the webroot) or have functions that call the protected CFCs through
createObject()
Fuseguard will auto-kill requests like that. Will send a forbidden
response back.
Warm Regards,
Jordan Michaels
On 06/25/2013 10:16 AM, John M Bliss wrote:
I don't have PHP installed so I guess I'm not vulnerable, right?
Any idea how to have CF (or IIS) auto-kill requests like this?
On
Thanks. Any free solutions?
On Tue, Jun 25, 2013 at 3:44 PM, Jordan Michaels jor...@viviotech.netwrote:
Fuseguard will auto-kill requests like that. Will send a forbidden
response back.
Warm Regards,
Jordan Michaels
On 06/25/2013 10:16 AM, John M Bliss wrote:
I don't have PHP
http://www.modsecurity.org/index.html
Higher learning curve then fuseguard, but will do the job.
Warm Regards,
Jordan Michaels
On 06/25/2013 12:49 PM, John M Bliss wrote:
Thanks. Any free solutions?
On Tue, Jun 25, 2013 at 3:44 PM, Jordan Michaels jor...@viviotech.netwrote:
Fuseguard
Thanks. It looks like that relies on edits to:
\IIS webroot\web.config
With IIS 6 and ACF (no .NET), I do not even have that file present. Do you
know: do I just add it as a blank text file and then start throwing
ModSecurity stuff into it?
On Tue, Jun 25, 2013 at 4:00 PM, Jordan Michaels
Thanks. It looks like that relies on edits to:
\IIS webroot\web.config
With IIS 6 and ACF (no .NET), I do not even have that file present. Do you
know: do I just add it as a blank text file and then start throwing
ModSecurity stuff into it?
The web.config file is XML, not plaintext. And I
http://www.modsecurity.org/projects/modsecurity/iis/
On Tue, Jun 25, 2013 at 8:49 PM, John M Bliss bliss.j...@gmail.com wrote:
Thanks. Any free solutions?
On Tue, Jun 25, 2013 at 3:44 PM, Jordan Michaels jor...@viviotech.net
wrote:
Fuseguard will auto-kill requests like that. Will
OK. I confirmed that .NET is installed from:
http://www.microsoft.com/en-us/download/details.aspx?id=17851
...added this web.config file:
?xml version=1.0 encoding=utf-8 ?
configuration
system.web
/system.web
system.webServer
ModSecurity enabled=true
...and then tried original hack attempt. Ended up looking at normal page,
not a denied message. Any ideas as to what to try next?
I'm pretty sure you have to configure modsecurity to reject the URL
pattern via SecFilter rules.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Thanks for that info, Carl...
I think I read somewhere about that while researching. I'll take another
look and see if I can make that work. It'll beat typing in all the
application variables for every call to the cfc's!
Rick
On Tue, Jun 25, 2013 at 3:39 PM, Carl Von Stetten
http://www.isapirewrite.com/
Maybe another alternative for IIS6. I think modsecurity is for IIS7 from
what I saw in the documentation.
Byron Mann
Lead Engineer Architect
HostMySite.com
~|
Order the Adobe Coldfusion Anthology
45 matches
Mail list logo