home Links Articles Books Past Meetings Photos SiteMap
The MDCFUG is sponsored by TeraTech. Visit us at www.TeraTech.com

Please send
comments/questions to

michael@
teratech.com

 
ColdFusion Code Security

ColdFusion Code Security

10/8/02


Click here to start


Table of Contents

ColdFusion Code Security

Speaker Information

Introduction

ColdFusion Security

Not covered in this talk

Error handling

Error handling code

Form Validation

Why is validation important?

Underscore Validation

CFFORM Validation

Javascript Validation

CF Validation

Authentication

Fake form submits

Fake URLs

Fake cookies

Page Validation

CFQUERYPARAM

Protect CFINCLUDE and CFMODULE files

Code to protect CFINCLUDE files

Code Defensively

Datasource password

Input massaging

CFCONTENT

Logins

Authentication

Members Only

Session, client and cookies

Session, client and cookies

Session, client and cookies

Timeouts

Session Tracking

Session hang over

Remember Me

Members Only

Back button hacking

Encryption

Hashing passwords

Refresh Issues

Resources

What Security Means

Next Steps

Author: Michael Smith

Home | Links | Articles | Past Meetings | Meeting Photos | Site Map
About MDCFUG | Join | Mailing List |Forums | Directions |Suggestions | Quotes | Newbie Tips
TOP

Copyright © 1997-2017, Maryland Cold Fusion User Group. All rights reserved.
< >