Quantcast
Channel: Adobe Community : Unanswered Discussions - ColdFusion
Viewing all articles
Browse latest Browse all 5794

Securing GraphData.cfm

$
0
0

Recently, some security audit testers have insisted that the error screen NOT BE SHOWN when /CFIDE/GraphData.cfm is called. They obtained the URL from one of our graph reports, which usually have a query string appended to it when called with CFCHART.

 

The resulting page is as attached, a Jrun Servlet Error 500 Internal Server Error page. They have categorized this under "Weaknesses in Error Handling mechanism" and insist that it should be improved.

 

Screenshot - 9_4_2013 , 11_42_13 AM.png

 

My question is :

 

Without messing about with

1) IIS MOD REWRITE, or

2) Engage complicated methods to generate a CFCHART image (ie generate CFCHART, save it to a temporary directory, and re-displaying it without going through GraphData.cfm)

 

Is there a way to get Coldfusion to not display this error when the URL in question is called?


Viewing all articles
Browse latest Browse all 5794

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>