troubleshooting Question

ColdFusion Application.CFC Will Script run on page load through Application.cfc?

Avatar of Albee_J
Albee_J asked on
Web Development SoftwareColdFusion Language
7 Comments1 Solution247 ViewsLast Modified:
We are currently under attack with a script bases SQL injection.  Slapping the <script .js > into all of our ntext and nvarchar fields.  One of the ways we are trying to prevent this is by putting the below script into our Application.cfc.  What we don't know is if this will run on page load on all of our forms?

<cfloop list="#FORM.FieldNames#" index="i">
<cfscript>
FORM[i] = replace(FORM[i],'<','&lt;','ALL');
FORM[i] = replace(FORM[i],'<','&gt;','ALL');
FORM[i] = replace(FORM[i],'"','&quot;','ALL');
FORM[i] = replace(FORM[i],'''',' ','ALL');
</cfscript>
</cfloop>
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 7 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros