Solved

Hiding CFID and CFTOKEN information from the URL.

Posted on 2004-08-04
2
1,458 Views
Last Modified: 2013-12-24
Hello,

In my ColdFusion application, even though I am using cookies, the CFID and CFTOKEN information is not part of the URL, which is great because I am not interested in using URL rewriting.

However, at some places, CFID and CFTOKEN info shows up in the URL string. I believe it happens after I use the CFLocation tag for redirection. Please help, how can I hide it even there.

Thanks!
0
Comment
Question by:asharma411
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Accepted Solution

by:
anandkp earned 50 total points
ID: 11715510
when u use CFLOCATION - specify
<CFLOCATION URL="theurlfile.cfm" ADDTOKEN="No">

this wld avoid the CFID & CFTOKEN
0
 
LVL 35

Expert Comment

by:mrichmon
ID: 11716507
The key part in anand's post is the addtoken="no"

The default for cflocation is addtoken="yes" so if you don't specify it will add the CFID and CFTOKEN into the URL anytime you do a cflocation.
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Website being blocked? 3 145
.htaccess rewrite url with querystring problem 13 123
Web server settings related to keepalive 1 133
Nameserver and MX Record 2 82
Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question