My agency recently started using HP's Fortify Scan tool, which is designed to scan CF code directly, rather than the rendered page. The scanner always seems to flag our pages for a certain error when I use the following code (used to create a PDF on the fly):
<cfheader name="Content-Disposition" value="attachment;filename=#pdffile#">
<cfcontent type="application/octet-stream" file="#expandPath('.')#\#pdffile#" deletefile="Yes">
The first line above (the cfheader tag) is line 299 in my code.
I'm basically generating a filename elsewhere on the page that's based on what a user is requesting, then using the code above to create a downloadable PDF of that file.
The error is:
Header Manipulation (Input Validation and Representation, Data Flow)
The file myfile.cfm includes unvalidated data in an HTTP response header on line 299. This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.
I'm thinking there's one of two potential issues.
Any thoughts?
You need to scope the pdffile variable. Without a specific scope it could be overwritten by incoming url or form variables. I would try that then run the scan again.
HTH,
--Dave
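Dave's suggestion carried through, as an added example that is not code from this thread: the filename lives in an explicit scope so an incoming url or form variable cannot shadow it, and it is validated before being placed in a response header, which is what the scanner's "unvalidated data in an HTTP response header" finding is about. The variable names, the regex and the date-based filename are assumptions for illustration.

```cfml
<!--- Added example, not from the thread. Names and the filename pattern are assumptions. --->

<!--- Build the filename in an explicit scope; an unscoped #pdffile# could be
      resolved from the url or form scope before the variables scope. --->
<cfset request.pdffile = "report-" & dateFormat(now(), "yyyymmdd") & ".pdf">

<!--- Accept only a plain file name: letters, digits, underscore, hyphen and a
      .pdf extension. This rejects path separators and CR/LF characters, the
      latter being what lets a value split the header into extra header lines. --->
<cfif NOT reFind("^[A-Za-z0-9_\-]+\.pdf$", request.pdffile)>
    <cfthrow type="Application" message="Invalid download file name.">
</cfif>

<!--- Resolve the file relative to the current template's directory and make
      sure it actually exists before streaming it. --->
<cfset variables.targetPath = getDirectoryFromPath(getCurrentTemplatePath()) & request.pdffile>
<cfif NOT fileExists(variables.targetPath)>
    <cfthrow type="Application" message="Requested file not found.">
</cfif>

<!--- Only the validated, scoped value reaches the response header.
      Doubled quotes inside the attribute are CFML's escape for a literal quote. --->
<cfheader name="Content-Disposition" value="attachment; filename=""#request.pdffile#""">
<cfcontent type="application/pdf" file="#variables.targetPath#" deletefile="yes">
```

Scoping on its own addresses the overwrite problem Dave describes; the regex check is the part that gives the data-flow analyser a validation step between the input and the header, so both together are what clean up a header-manipulation finding rather than just hiding it.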
So you mean something like:
#request.pdffile#
Yes... that is what I mean.
--Dave
Thanks! I'll try that tomorrow.
Thanks Dave,
That cleaned up the scan results. You rock!
No problem. Glad you got it all squared away.