Highlighted

Finding page location in cf

Participant ,
Dec 09, 2014

Copy link to clipboard

Copied

Hi People,

When I am using iframes or frames (older sites), as a extra security precaution I use the JavaScript function:

<SCRIPT LANGUAGE="JavaScript1.1">

if (top == self) self.location.href = "../index.cfm";

</SCRIPT>

<cfif (HTTP_REFERER DOES NOT CONTAIN "referer_page.cfm")

<cfabort>

</cfif>

It works great to keep visitors (hackers?) from opening and/or trying to post to the page.

The problem is that the JavaScript displays in source code and the less they know...

I know the JS is client side but is there anyway to create the function in the server side CF or otherwise hide from prying eyes?

I a running cf9 on my and most of my client sites.

Thank in advance

Views

106

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Finding page location in cf

Participant ,
Dec 09, 2014

Copy link to clipboard

Copied

Hi People,

When I am using iframes or frames (older sites), as a extra security precaution I use the JavaScript function:

<SCRIPT LANGUAGE="JavaScript1.1">

if (top == self) self.location.href = "../index.cfm";

</SCRIPT>

<cfif (HTTP_REFERER DOES NOT CONTAIN "referer_page.cfm")

<cfabort>

</cfif>

It works great to keep visitors (hackers?) from opening and/or trying to post to the page.

The problem is that the JavaScript displays in source code and the less they know...

I know the JS is client side but is there anyway to create the function in the server side CF or otherwise hide from prying eyes?

I a running cf9 on my and most of my client sites.

Thank in advance

Views

107

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Dec 09, 2014 0

Have something to add?

Join the conversation