David Epler
Member since Dec 11, 2008
- Profile: /members/1301-david-epler.htm
- URL: http://www.dcepler.net
- Comments: 3
Recent Blog Comments By David Epler
-
For Better Security Use HtmlEditFormat() In Conjunction With JSStringFormat() In ColdFusion
Posted on Jan 2, 2014 at 11:15 AM
I would echo what Andy says in using the OWASP ESAPI encoders instead of HTMLEditFormat() or JSStringFormat() (and XMLFormat(), URLDecode(), URLEncodedFormat()) since the ESAPI encoders/decoders are much better tested. Because of this there is a good chance that HTMLEditFormat (and other functions t...
-
Does The World Know That You Use ColdFusion?
Posted on Aug 16, 2007 at 10:54 AM
Actually, playing with this a bit more. Tried out houseoffusion.com through builtwith and it reports back ColdFusion for the framework. House of Fusion does not report an X-Powered-By, so whatever they are analyzing to report ColdFusion is probably also tied to session cookies CFGLOBALS, CFID, CF...