
itisdesign_-_AH
Inspiring
October 7, 2012

The last bullet can be deleted. CF10 Final restored cfform's default form action. To prevent XSS, CF seemingly uses encodeForHTMLAttribute() on the CGI.SCRIPT_NAME portion and encodeForURL() on each URL param's name & value.

Thanks,

-Aaron
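
The encoding described in the post above, as an added example that is not part of the original thread and is not Adobe's cfform implementation. The helper name `buildSafeFormAction` is hypothetical; `encodeForHTMLAttribute()` and `encodeForURL()` are the CF10 built-ins the post names.

```cfml
<cfscript>
// Hypothetical helper (added example): rebuilds the current URL for use as a
// form action, encoding each part for the context it lands in.
function buildSafeFormAction(required string scriptName, required struct urlParams) {
    // The script path is written into an HTML attribute, so encode it for that context.
    var action = encodeForHTMLAttribute(arguments.scriptName);
    var query  = "";

    for (var key in arguments.urlParams) {
        // Names and values are attacker-controlled; URL-encode both sides.
        var pair = encodeForURL(key) & "=" & encodeForURL(arguments.urlParams[key]);
        // Separate pairs with &amp; because the result sits inside an HTML attribute.
        query = len(query) ? query & "&amp;" & pair : pair;
    }

    if (len(query)) {
        action = action & "?" & query;
    }
    return action;
}

// Constructed sample input: a parameter value carrying markup.
sample = { "q" = '"><script>alert(1)</script>' };
safeAction = buildSafeFormAction("/app/search.cfm", sample);
</cfscript>

<cfoutput>
<!--- The quote and angle brackets arrive percent-encoded, so they cannot close the attribute. --->
<form action="#safeAction#" method="post">
    <input type="text" name="q">
    <input type="submit" value="Search">
</form>
</cfoutput>
```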

Charlie Arehart
Community Expert
March 8, 2012

About the last bullet, the language is a little unclear. But by "does not generate the same", it seems you mean "does not generate the current URL as the action". That may be a bit more clear. What's not clear is what will be generated. Might be helpful to indicate. Also, as for the jvm.config tweak, doesn't that need a - in front of the D?

/Charlie (troubleshooter, carehart.org)