Solved

Hiding CFID and CFTOKEN information from the URL.

Posted on 2004-08-04
2
1,449 Views
Last Modified: 2013-12-24
Hello,

In my ColdFusion application, even though I am using cookies, the CFID and CFTOKEN information is not part of the URL, which is great because I am not interested in using URL rewriting.

However, at some places, CFID and CFTOKEN info shows up in the URL string. I believe it happens after I use the CFLocation tag for redirection. Please help, how can I hide it even there.

Thanks!
0
Comment
Question by:asharma411
2 Comments
 
LVL 17

Accepted Solution

by:
anandkp earned 50 total points
ID: 11715510
when u use CFLOCATION - specify
<CFLOCATION URL="theurlfile.cfm" ADDTOKEN="No">

this wld avoid the CFID & CFTOKEN
0
 
LVL 35

Expert Comment

by:mrichmon
ID: 11716507
The key part in anand's post is the addtoken="no"

The default for cflocation is addtoken="yes" so if you don't specify it will add the CFID and CFTOKEN into the URL anytime you do a cflocation.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question