Custom RSS 2.0 Feed
Select the tags below that you want included in your custom RSS 2.0 feed:
The Blog Of Ben Nadel On Obsessively Thorough Web Application Development
Loading....
Prev
Next
Ben Nadel at RIA Unleashed (Nov. 2009) with: ( photo link )
-
Jason Delmore
Website
I am the chief software engineer at Epicenter Consulting, a boutique software
company in New York City that specializes in developing high-end, customized business
solutions using ColdFusion and jQuery.
( more )
Loading....
Custom RSS 2.0 Feed
Nov 20, 2009 at
4:46 PM
@Todd, That's understandable. I am not sure if this really leaves any more security holes than the fact that using old cookie-based CFID / CFTOKEN values will create a new session using the old CFI
... read »
Nov 20, 2009 at
4:42 PM
My opinion is that I don't think auto-generating your own CFID/CFTOKEN is recommended. I'll have to wait for Micha to answer what the ramifications are, but he probably didn't allow this in Railo for
... read »
Nov 20, 2009 at
4:31 PM
@Todd, Yeah, each phone has a unique ID; this is the value that is being used to hack the custom CFID / CFTOKEN session values.
... read »
Nov 20, 2009 at
4:23 PM
Is there no unique (device or otherwise) id that gets passed in the request that you can shove into the application scope?
... read »
Nov 20, 2009 at
4:21 PM
@Todd, I mean "bug" only in the sense that it deviates from the way "Adobe ColdFusion" implements it.... only so far in that Railo is an open-source version of ColdFusion. I guess it depends on w
... read »
Nov 20, 2009 at
4:18 PM
Not sure how it's a bug, definitely a difference. I don't want my users or coders creating their own CFID/CFTOKEN. That's the server's job.
... read »
Nov 20, 2009 at
4:16 PM
@Todd, Touche ;)
... read »
Nov 20, 2009 at
4:14 PM
@Dave: Well, Ben did say in his video that it was a bit of a hack. :D
... read »