CGI.HTTP_REFERER and CFMX

hi,

i am have moved an application that originally resided on a cf 5.0 server and now resides on a cfmx server. i have worked out some syntax issues with having the application on the cfmx server, however i am stuck on one issue.

in our application, we have a url that allows people to switch back and forth between the admin mode. the link is called "Toggle Adminmode".

if you click on that link, you are supposed to stay on the page where you were at and a red message at the top will appear that says " you are now in administrative mode".

however, what used to work on cf 5.0 is not working on cfmx. i believe i have narrowed down the issue to this...

<cflocation url="#Right(CGI.HTTP_REFERER,Len(CGI.HTTP_REFERER)-FindNoCase('index.cfm',  CGI.HTTP_REFERER )+1)#">

does anyone see why this would not work in CFMX?? or is there another way to write this??

thank you so much. :-)
MameaAsked:
Who is Participating?
 
Renante EnteraSenior PHP DeveloperCommented:
Hi Mamea!

Of course, there's a way to get rid off those values to appear on the URL.  Set <CFLOCATION> attribute "ADDTOKEN" to "NO".

So, this would be the code :  <cflocation url="#Right(CGI.HTTP_REFERER,Len(CGI.HTTP_REFERER)-FindNoCase('index.cfm',  CGI.HTTP_REFERER )+1)#" ADDTOKEN="No">

Hope this helps.


Regards!
eNTRANCE2002 :-)
0
 
Renante EnteraSenior PHP DeveloperCommented:
Hi Mamea!

I haven't encountered any problem regarding your code.  But I think that you must have to take note the value of CGI.HTTP_REFERER.

Perhaps, different behavior will occur during the following instances :

1.  If CGI.HTTP_REFERER value is blank
2.  If "index.cfm" is not found in CGI.HTTP_REFERER

You should have to track first the value of CGI.HTTP_REFERER.

Hope this makes sense.


Regards!
eNTRANCE2002 :-)
0
 
trailblazzyr55Commented:
Maybe trying a cfdump of the CGI.HTTP_REFERER value on your page will show what values you have for it an be easier to debug :o)
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

 
MameaAuthor Commented:
hi,

thanks for both of your answers. when i output the CGI.HTTP_REFERER everything looks fine. however, what i have noticed on cfmx and not in cf 5.0 is the the CFID and CFTOKEN are attached to the urls. is there a way to get rid of those?? maybe if i got rid of those then the url would work.

thanks again for any help. :-)
0
 
MameaAuthor Commented:
Thank you once again eNTRANCE2002 for your help!! you have helped me 2 times already with the same issue of moving a cf 5.0 app to cfmx. amazing that something so small can fix the problem! so i added that addtoken="no" and everything works fine know. thanks again :-)
0
 
Renante EnteraSenior PHP DeveloperCommented:
Oh!  That's great.

I'm glad that I have helped you.  Hope to help you again.


Regards!
eNTRANCE2002 :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.