|
Using url rewriting ( .htaccess or httpd.ini ) to block hot linking resources |
||||||||
This also uses up your servers bandwidth rather than theirs. This article explores how I use a URL access file, either .htaccess of http.ini depending on your platform, to stop other domains from linking directly to your hosted resources.
|
The Coldfusion Hash() function decoded - kind of |
||||||||
I've always believed that using the hash() function in ColdFusion is a one way process. If I wanted to reverse a string I had to use encode() and decode(). The Adobe documentation states that "It is not possible to convert the hash result back to the source string" - Adobe Docs for Hash().
Strictly speaking this is still true, but some bright spark has decided to host an MD5 string database and provide a lookup service.
|
Permission denied for javascript methods, SSL security error between parent and child windows |
||||||||
I recently integrated a postcode lookup service into a checkout process, it constituted a pop up window, with a Webservice http call to return a JSON object of postcode data.
The data itself was returning successfully, and is output into a select field, so that the user can choose one of the address records from the many returned.
The problem I had arose when I ran a script to write the selected address data back from the pop up window to the parent window. Something like this:
2 $(document).ready(function() {
3
4 $('.submitButton').click(function() {
5
6 var selectedPcode = $('.address').val();
7
8 if (selectedPcode == undefined) {
9 alert('Please select an address')
10 }
11
12 else {
13 //split the string
14 var mySplitResult = selectedPcode.split(",");
15
16 var street = mySplitResult[0];
17 var area = mySplitResult[1];
18 var town = mySplitResult[2];
19
20 street = jQuery.trim(street);
21 area = jQuery.trim(area);
22 town = jQuery.trim(town);
23
24// set the parent form field values
25window.opener.document.form.evAddress1.value = street;
26window.opener.document.form.evAddress2.value = area;
27window.opener.document.form.evTown.value = town;
28window.close();
29
30 }
31
32 });
33 });
34</s/cript>
The code above will just split out the address parts and write them out to the corresponding fields in a form in the parent window. At this point I was seeing an error message:
The problem stems from the fact that the parent window is served under SSL and the pop up was not.
So make sure that your parent and child windows are both served under the same protocol, otherwise I guess it is being stopped as an inject hack, as it appears to be on a different domain.
|
Securing server side Coldfusion code with cfcompile |
||||||||
If you ever need to protect your intellectual property, or you have suspicions that your code maybe be accessed on a server to be tampered with, then your best option is to compile your code base.
This article addresses how to use the cfcompile command, and what it actually does to your code base.
