Thanks Shawn and Cameron!
You guys got me to start looking into this issue. I didn’t realize some of the
possibilities that might have been unprotected. Fusionlink is my server ISP, so
I will probably use Portcullis.
But, here’s my follow-up question. It makes sense to me to have the XSS
Clarke,
I can't speak to how Portcullis does it, but cf_xssblock allows for you to
exclude fields from each of the different sets of rules. It isn't exactly a
scalpel, but it isn't exactly the club that earlier versions used to be.
You're right about using it in onRequest, which was my
On Wed, Jan 20, 2010 at 9:39 AM, Clarke Bishop cbis...@resultantsys.com wrote:
But, then, for my admin pages, where I want to allow logged in users to
submit forms with meta tags and javascript, how do I disable the XSS
check. If the XSS check is in OnRequest, it already happened before I got
Hey folks!
I'm trying to use a java object to get some page load data to use in a
reporting tool.
On my local dev box it all works. In production it dies. I am running CF8
in both spots.
cfset codeFactory =
CreateObject(java,coldfusion.server.ServiceFactory) /
cfset getDebugDataSet =
Question. Is debugging enabled on your production server?
From: Rudi Shumpert shump...@gmail.com
To: discussion@acfug.org
Sent: Wed, January 20, 2010 4:34:46 PM
Subject: [ACFUG Discuss] Error with Java Object
Hey folks!
I'm trying to use a java object to get
No.
Sent from my iPhone
On Jan 20, 2010, at 4:38 PM, shawn gorrell chees...@yahoo.com wrote:
Question. Is debugging enabled on your production server?
From: Rudi Shumpert shump...@gmail.com
To: discussion@acfug.org
Sent: Wed, January 20, 2010 4:34:46 PM
Don't worry. I use either open source code or get permission before hand.
Your isp may have access to internal java objects turned off.
John
ma...@fusionlink.com
Rudi Shumpert wrote:
Hey folks!
I'm trying to use a java object to get some page load data to use in a
reporting tool.
On my
Sounds like you have a winner for what the problem is. Another option is that
access to the servicefactory classes is restricted. I seem to recall there
being a setting to do so on CF8...
From: Rudi Shumpert shump...@gmail.com
To: discussion@acfug.org
It is because of the debugging. Is there a way to access the execution
times without having debugging turned on?
-Rudi
On Wed, Jan 20, 2010 at 4:46 PM, shawn gorrell chees...@yahoo.com wrote:
Sounds like you have a winner for what the problem is. Another option is
that access to the
So let me ask this.
If I have to have debugging on for all IP's to have this work, how bad is it
to create a blank rudidebug.cfm page and select that as the debug template
in the CF Admin. Is this a major no-no or a major performance hit?
-Rudi
On Wed, Jan 20, 2010 at 4:43 PM, John Mason
I really don't remember. I'm sure Charlie or John would know off the top of
their heads.
From: Rudi Shumpert shump...@gmail.com
To: discussion@acfug.org
Sent: Wed, January 20, 2010 7:05:34 PM
Subject: Re: [ACFUG Discuss] Error with Java Object
It is because
On Wed, Jan 20, 2010 at 7:25 PM, Rudi Shumpert shump...@gmail.com wrote:
If I have to have debugging on for all IP's to have this work, how bad is it
to create a blank rudidebug.cfm page and select that as the debug template
in the CF Admin. Is this a major no-no or a major performance hit?
On Wed, Jan 20, 2010 at 9:05 PM, Cameron Childress camer...@gmail.com wrote:
It doesn't matter if you have debugging turned on for one IP or all
IPs. Debug info is collected for all user, then only show to certian
IP addresses.
To be a bit clearer, it's the collection of the debugging data
Cameron,
Thanks for the clarification.
-Rudi
On Wed, Jan 20, 2010 at 9:11 PM, Cameron Childress camer...@gmail.comwrote:
On Wed, Jan 20, 2010 at 9:05 PM, Cameron Childress camer...@gmail.com
wrote:
It doesn't matter if you have debugging turned on for one IP or all
IPs. Debug info is
I guess at this point we have to ask exactly what you want to do.
Knowing the specific goals may yield some other options.
John
ma...@fusionlink.com
Rudi Shumpert wrote:
Cameron,
Thanks for the clarification.
-Rudi
On Wed, Jan 20, 2010 at 9:11 PM, Cameron Childress
15 matches
Mail list logo