?
Solved

disabled "Global Script Protection" in CF Administrator to allow OBJECT and EMBED tags; is there another way to allow these tags?

Posted on 2011-03-04
7
Medium Priority
?
578 Views
Last Modified: 2012-05-11
ColdFusion Version 9.0.1
Latest hotfixes applied.

In brief:

In ColdFusion Administrator I turned off (unchecked) "Enable Global Script Protection". I know it is not safe to disable Global Script Protection. Is there a way to enable Global Script Protection but tell ColdFusion to permit EMBED and OBJECT tags?

Details:

Why did I disable Global Script Protection? Because I use the TinyMCE javascript WYSIWYG editor, and when I try to embed these tags: OBJECT; EMBED, then ColdFusion automatically removes them and replaces them with "InvalidTag". This problem is documented on Ray Camden's blog:

http://www.coldfusionjedi.com/index.cfm/2007/1/5/Where-the-heck-is-InvalidTag-coming-from

So, I need to figure out a way to enable Global Script Protection, yet tell ColdFusion to permit EMBED and OBJECT tags. Can I add a line to application.cfc to achieve this? Thank you for any advice.

Eric
0
Comment
Question by:Eric Bourland
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 52

Expert Comment

by:_agx_
ID: 35040163
The comments in the link suggest adding: scriptProtect = "No" would work.
0
 
LVL 3

Author Comment

by:Eric Bourland
ID: 35040222
>>>scriptProtect = "No"

I saw that too ... but am not sure where to enter that parameter.

I saw this:

<cfapplication name="#prefix#_blog_#blogname#" sessionManagement="true" loginStorage="session" scriptprotect="none">

but I do not use the cfapplication tag.

Would it go in application.cfc?
0
 
LVL 52

Accepted Solution

by:
_agx_ earned 2000 total points
ID: 35040268
Yes. You set it  in the first section where the application name, sessionMangement, ... are declared.

    <cfset this.name = "MyApplication">
    <cfset this.scriptProtect = "No" >
    etc....
0
Quick Start: DOCKER

Sometimes you just need a Quick Start on a topic in order to begin using it.. this is just what you need to know to get up and running with Docker!

 
LVL 52

Expert Comment

by:_agx_
ID: 35040277
0
 
LVL 3

Author Comment

by:Eric Bourland
ID: 35040305
This worked like a charm.

Holy bananas. I was working on that problem for weeks. In the process I did a great deal about the very useful TinyMCE editor.

Thank you as always, _agx_. =)

E
0
 
LVL 3

Author Closing Comment

by:Eric Bourland
ID: 35040320
Thank you as always, _agx_.
0
 
LVL 52

Expert Comment

by:_agx_
ID: 35040337
Welcome :)
0

Featured Post

Tutorials alone can't teach real engineering

So we built better training tools.

-Hands-on Labs
-Instructor Mentoring
-Scenario-Based Tests
-Dedicated Cloud Servers

All at your fingertips. What are you waiting for?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PROBLEM: How to add your own buttons to the bottom toolbar with paging info ( result count ). While creating a cfgrid, I ran into an issue where I wanted to embed my own custom buttons where the default ones ( insert / delete / etc… ) are for aes…
Recently while working on a project I got a very annoying cfdocument has no body error message. I had never seen this error before. So I checked the code. The code was pretty simple; it was Just showing me the cfdocumnt tag and inside that tag a …
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question