Coldfusion shows source code
|
View:
New views
7 Messages
—
Rating Filter:
Alert me
|
 |
Coldfusion shows source code
by Martin Lundin
::
Rate this Message:
Hi I'm running coldfusion on Mac OS X Server 10.4.
if i change the .cfm extension in the browser from ex "index.cfm" to "index.CFM" coldfusion reveals all sourcecode! is there any solution for this? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Mac/message.cfm/messageid:3063 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:48 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.48 |
|
|
Re: Coldfusion shows source code
by Lola J. Lee Beno
::
Rate this Message:
Martin Lundin wrote:
> Hi I'm running coldfusion on Mac OS X Server 10.4. > > if i change the .cfm extension in the browser from ex "index.cfm" to "index.CFM" coldfusion reveals all sourcecode! > > is there any solution for this? > Edit your .htaccess file . . . or the apache config file. -- Lola - mailto:lola@... http://www.lolajl.net | Blog at http://www.lolajl.net/blog/ Freedom is not free. I'm in Bowie, MD, USA, halfway between DC and Annapolis. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Mac/message.cfm/messageid:3064 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:48 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.48 |
|
|
Re: Coldfusion shows source code
by Martin Lundin
::
Rate this Message:
Can you specify more exactly what I need to do?
/martin 28 jul 2006 kl. 21.38 skrev Lola J. Lee Beno: > Martin Lundin wrote: >> Hi I'm running coldfusion on Mac OS X Server 10.4. >> >> if i change the .cfm extension in the browser from ex "index.cfm" >> to "index.CFM" coldfusion reveals all sourcecode! >> >> is there any solution for this? >> > > Edit your .htaccess file . . . or the apache config file. > > > -- > Lola - mailto:lola@... > http://www.lolajl.net | Blog at http://www.lolajl.net/blog/ > Freedom is not free. > I'm in Bowie, MD, USA, halfway between DC and Annapolis. > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Mac/message.cfm/messageid:3065 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:48 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.48 |
|
|
Re: Coldfusion shows source code
by Nathan Dintenfass
::
Rate this Message:
Are you using Apache or JRun (or ??) as your web server?
Martin Lundin wrote: > Hi I'm running coldfusion on Mac OS X Server 10.4. > > if i change the .cfm extension in the browser from ex "index.cfm" to "index.CFM" coldfusion reveals all sourcecode! > > is there any solution for this? > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Mac/message.cfm/messageid:3066 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:48 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.48 |
|
|
|
|
|
Re: Coldfusion shows source code
by Dean H. Saxe
::
Rate this Message:
IIRC, there is an extension to apache to make it case insensitive
like the MacOS file system. -dhs Dean H. Saxe, CISSP, CEH dean@... Here in America everything is bought and sold, you can get anything for little bits of gold. We'll rape the earth and ruin the air, cut down every tree from here to there. -- Donna The Buffalo "America" On Jul 28, 2006, at 4:08 PM, Martin Lundin wrote: > I'm using Apache 1.3.33 as web server. > > /Martin > > 28 jul 2006 kl. 21.56 skrev Nathan Dintenfass: > >> Are you using Apache or JRun (or ??) as your web server? >> >> >> >> Martin Lundin wrote: >>> Hi I'm running coldfusion on Mac OS X Server 10.4. >>> >>> if i change the .cfm extension in the browser from ex "index.cfm" >>> to "index.CFM" coldfusion reveals all sourcecode! >>> >>> is there any solution for this? >>> >>> >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Mac/message.cfm/messageid:3068 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:48 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.48 |
|
|
Re: Coldfusion shows source code
by Steven Erat
::
Rate this Message:
I could not reproduce this on Mac OS X 10.4 / Apache 1.3.33 / CFMX 7.02.
When using upper case .CFM in browser, Apache wrote an Internal Server Error to the screen, and verbose connector logging wrote this to the /var/log/httpd/error_log: [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] jrun_trans: server is 0x1802648, virtual 0 [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] HOST: localhost [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] filtering /foo.CFM (/opt/docroot/foo.CFM) HOST=localhost [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] filterRequest: no match [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] jrun_service: server is 0x1802648, virtual 0 [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] jrun_service: jrun-proxy-target not found, index -1 [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] HOST: localhost [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] filtering /foo.CFM (/foo.CFM) HOST=localhost [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] filterRequest: no match [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] request not for JRun. [Fri Jul 28 19:10:46 2006] [notice] jrApache[4116:51714] JRun will not accept request. Check JRun web server configuration and JRun mappings on JRun server. I also tried creating a file with upper case .CFM on the file system and found I could only access it from a browser using a .cfm in lowercase. -Steven Erat ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Mac/message.cfm/messageid:3070 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:48 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.48 |
| Free embeddable forum powered by Nabble | Forum Help |
