Skip to Main Content
Hack Proofing Your Web Applications
book

Hack Proofing Your Web Applications

by Syngress
June 2001
Intermediate to advanced content levelIntermediate to advanced
512 pages
18h 49m
English
Syngress
Content preview from Hack Proofing Your Web Applications
418 Chapter 10 • Securing ColdFusion
www.syngress.com
Exposing Included Code
An additional problem shows itself with the usage of this tag.
Many people like to segment their code into reusable files that can
be included with the CFINCLUDE tag. For organization, they usu-
ally place these files in subdirectories to their application. Common
subdirectory names include includes, queries, display, and so on.
Depending on how they set up their Web server, this may cause
a security problem. If a Web server has directory browsing turned
on (which should never happen), looking at an includes directory
(for example) will result in a list of all the files to be included. ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Developer's Guide to Web Application Security

Developer's Guide to Web Application Security

Michael Cross
The CERT® Oracle® Secure Coding Standard for Java™

The CERT® Oracle® Secure Coding Standard for Java™

Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda
Troubleshooting CentOS

Troubleshooting CentOS

Jonathan Hobson

Publisher Resources

ISBN: 9781928994312