A web browser is responsible entity for securing data on client system when it traverses on the internet. It is not possible for a web server for the security between the server and client system. It is possible for hacker to crack the SSL certificate holding attacks. So, it becomes a ColdFusion administrator’s job to protect sites from hackers.
In terms of code, Adobe recommends using the following techniques in your CFML:
Use <cfheader> to define a character set in HTML output.
Secure Ajax calls with the isjson and Verify Client function, the secureJSON and other secure JSON application properties, and the tag attribute.
Properly scope all variables.
Escape and replace special characters and tags content in Java.
Use the scriptProtect setting, described in the next section.
Hope you have liked this post ! Thanks for reading it !
reference links -
- (no comments)