Ben Nadel at InVision In Real Life (IRL) 2018 (Hollywood, CA) with: Michelle Kong and Aaron Grewell and Shawn Grigson and Jeremy Mount and Kevin Johnson and David Epler and Johnathan Hunt and Sara Dunnack and Jeremy Kicklighter

David Epler

Member since Dec 11, 2008

Recent Blog Comments By David Epler

  • For Better Security Use HtmlEditFormat() In Conjunction With JSStringFormat() In ColdFusion

    Posted on Jan 2, 2014 at 11:15 AM

    I would echo what Andy says in using the OWASP ESAPI encoders instead of HTMLEditFormat() or JSStringFormat() (and XMLFormat(), URLDecode(), URLEncodedFormat()) since the ESAPI encoders/decoders are much better tested. Because of this there is a good chance that HTMLEditFormat (and other functions t... read more »

  • Does The World Know That You Use ColdFusion?

    Posted on Aug 16, 2007 at 10:54 AM

    Actually, playing with this a bit more. Tried out through builtwith and it reports back ColdFusion for the framework. House of Fusion does not report an X-Powered-By, so whatever they are analyzing to report ColdFusion is probably also tied to session cookies CFGLOBALS, CFID, CF... read more »