...@acfug.org [mailto:ad...@acfug.org] On Behalf Of shawn gorrell
Sent: Tuesday, January 19, 2010 6:26 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] ScriptProtect=none
Clark, IMO scriptprotect is a total and utter waste of time. Abandon it.
If you're interested in something better, and more
intent of the tag. You
could always have conditionally based tag invocations using the path.
S
From: Clarke Bishop cbis...@resultantsys.com
To: discussion@acfug.org
Sent: Wed, January 20, 2010 9:39:06 AM
Subject: RE: [ACFUG Discuss] ScriptProtect=none
Thanks
On Wed, Jan 20, 2010 at 9:39 AM, Clarke Bishop cbis...@resultantsys.com wrote:
But, then, for my admin pages, where I want to allow logged in users to
submit forms with meta tags and javascript, how do I disable the XSS
check. If the XSS check is in OnRequest, it already happened before I got
I know it's a good practice to use CF's ScriptProtect feature.
But, I have an admin page in a CMS, and I need to be able to turn off
ScriptProtect for that page. Otherwise, CF inserts InvalidTag messages!
Is there a way to turn off ScriptProtect for one page only?
Thanks for any
On Tue, Jan 19, 2010 at 5:41 PM, Clarke Bishop cbis...@resultantsys.com wrote:
I know it’s a good practice to use CF’s ScriptProtect feature.
I'm not sure I agree with that. There are many other better solutions
that cover you alot more completely.
-Cameron
--
Cameron Childress
Sumo