Script injection on .cfm pages

Similar Messages

• Dashboard image link with repository variable "script injection" warning.

  Hello,
  in order to make the migration easier we want to parameterize the URLs so they are centrally managed in the repository and not on every single dashboard page.
  Since I figured out the following works for a dashboard text item:
  '@{biServer.variables['NQ_SESSION.ROLES']}' 
  I just placed the same in the URL textbox for the image link
  '@{biServer.variables['NQ_SESSION.MYURLCONSTANT']}' 
  Then I get a "script injection" popup warning. Has anyone seen that before?
  The same happens when I try VALUEOF(NQ_SESSION.MYURLCONSTANT)
  I did not find anything by googling.
  How else to parameterize the URL´s?
  thanks

  I don't get any unresponsive script. It's best that the consumer contacts us as each case is different.
  Some things you can suggest:
  *Update to the latest version of Adobe Flash <br>
  *Clear cache and cookies <br>

• How can I add an existing cfm page to a project?

  CFB3 Question: How can I add an existing cfm page to a project? I created a project and copied a file into the project folder but I can't seem to find a way to add the cfm file into the project.

  @Carl - Well heck, yes I did... But after reading your response I went back and tried right-clicking on and refreshing different things and what worked was right-clicking on the project name in the Navigator window and then clicking on refresh in that context menu.
  Thank you Carl!

• Dreamweaver 8 not responding on cfm page

  I have an existing .cfm page that I'm adding
  <cfqueryparam> tags to several queries. Once I add the new
  code if I try to highlight it in code view Dreamweaver quits
  responding and peggs my processor and also uses around a gig of
  physical ram. This continues until I end the Dreamweaver task using
  Task Manager. The code is valid and works correctly through a web
  browser but hangs as soon as I try to select any text in
  dreamweaver. I'm wondering if anyone has experienced this type of
  issue and if so is there a way to stop it? Thanks in
  advance.

  On Wed, 4 Oct 2006 15:35:01 +0000 (UTC), "900spg"
  <[email protected]> wrote:
  >Just an update in case anyone else runs into this issue.
  I have deleted the
  >WinFileCache-*.dat as suggested above. I deleted the
  entire local configuration
  >directory and the registry keys for Dreamweaver as well.
  I did test the .cfm
  >page in question on a different machine running
  DreamweaverMX and it worked
  >just fine. I'm now in the process of rebuilding the
  entire page piece by piece
  >to try to determine the section of code that is causing
  this problem. When my
  >Dreamweaver hangs I get the following errors in my event
  viewer:
  > Hanging application Dreamweaver.exe, version 8.0.2.2809,
  hang module hungapp,
  >version 0.0.0.0, hang address 0x00000000.
  > and
  > Fault bucket 290312414.
  > A crash logs directory is not created. Will post more if
  I find the root cause
  >of the issue.
  I don't know if this is easier for you, but if you have more
  than one
  stick of RAM, you might try pulling them out one at a time.
  You might
  have a bad stick.

• Executing a shell script from a jsp page

  Hi,
  I'm facing a problem while executing a shell script from a jsp page.
  I'm using Runtime.exec() function.
  It's working fine for single statement scripts.But if the script consists of any database processing and some other processing statements,it's not returning the correct exit status of the process.
  Will u please help me in this.
  If there is any other ways to execute a shell script from a jsp page other than Runtime.exec() like RMI etc,.If so let me know.
  Thanks in advance.

  Hello,
  It's hard to help you but what you can do is listening to the outputs of your script, you should read the output stream and error stream and send them to the default console.
  Check this excellent article : http://www.javaworld.com/javaworld/jw-12-2000/jw-1229-traps.html?page=4
  Best regards,
  Olivier.

• .cfm pages won't display on CF10 on Windows server 2008

  I have a new VPS setup that has CF10 running on a Windows 2008 box.  My site is setup in IIS and I can navigate to any root folder in browser.  That's because the root folder(s) recognizes index.cfm as a default page.  However, any time I click a link or manually enter a URL string that contains ".cfm" (even on index.cfm pages that display without the actual full path written out) it throws a 404 error.  Has anyone else run into this?  I know the site is running correctly because like I said, if you enter the following URL: http://www.kyndoutdoors.com/ it will display correctly.  However, if you enter http://www.kyndoutdoors.com/index.cfm it will error.  HELP!

  The wildcard handler handles urls without filenames (http://www.kyndoutdoors.com/), and that appears to be working.  However, the specific IIS handler mappings for "*.cfm" does not appear to be.  You might try using the ColdFusion Web Server Configuration Tool (WSConfig) to remove the IIS connectors (then restart IIS), and then re-add the connectors.
  Another thought: were your IIS sites added to IIS after ColdFusion was installed and configured for IIS?  If so, the connectors appear to not be propogating forward for new sites.  I've seen this behavior before with ColdFusion 9 and IIS 7.5, but CF10 seems to handle this better.  Again, removing and re-adding the connectors seems to resolve these situations for me.
  EDIT:
  Hmmm. 404 errror actually makes me think this may be a file permissions issue.  What account is the ColdFusion service running as?  Make sure that account has permissions to the folder containing your website(s).
  -Carl V.
  Message was edited by: Carl Von Stetten

• I need a script to invert the page order of selected pages for cs5.

  Hello,
  I am a graphic designer and i am trying to create a easier way to make multiple page folders, By using the multiple page size feature in inDesign CS5. But my problem is that i can create the front side of the folder easier than before, the backside is my problem I need to inverse the page order manual, this creates a lot of mistakes and errors along the way. Thats why I need a script to invert the page order of the pages I select. I hope to hear from someone soon.
  My best regards,
  Gijs van Roij

  In /gateprd/ARCHIVE/*.arc
  This is the script to remove the archives after it has been backup by the netbackup policy named Archive. This policy removes the archives that have been backed up.
  /home/oracle/dba/scripts> more rmovarch.sh
  #!/bin/ksh
  # compress /gateprd/ARCHIVE/*.arc
  find /gateprd/ARCHIVE/*.arc -type f ! -exec echo {} > /home/oracl
  e/dba/lists/ARCHIVElist \;
  if test $(cat /home/oracle/dba/lists/ARCHIVElist|wc -l) -gt 0
  then
  echo "Hay archives. Se corre script de borrar"
  /home/oracle/dba/scripts/ARCHIVE_BACKUP.sh ARCHIVE
  else
  echo "No archives!!"
  fi

• Embedding video in cfm page

  I am trying to embed a video in a cfm page.  The FORM page before is where they can link the video URL and the preview page is where they can view the video (and other information) before it get submitted and saved in the database.
  on the FORM page I have the following code:  (there's much more code, but this is the coding that's related to what I am trying to do.
  <cfset #session.video# = #video#>
      <cfif (#video# is "") or (#left (sound, 7)# is not "http://")>
      <cfset #video# = "http://#video#">
    </cfif>
    <input name="video" type="text" size=43 maxlength=250 value="#video#"><br>
  Someone types in the url of the video (IE a youtube video or something similar)
  ON THE ITEM PREVIEW PAGE. I have the related coding
          <!--- define videoURL --->
      <cfif Left(session.video, 9) IS "http://ww">
        <cfset isVideo = "TRUE">
        <cfset videoURL = Trim(session.video)>
      <cfelse>
        <cfset isVideo = "FALSE">
      </cfif>
  <cfif isVideo>
                <cfoutput><br><b>Video:</b><object width="480" height="385"><param name="movie" value="#videoURL#"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="#videoURL#" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed></object></cfoutput>
              </cfif>
  Sooo what's suppose to happen is that you see a preview of the video, but nothing shows up
  The source code SHOWS the above information with the correct value of the video, but it doesn't show the player, etc.
  Not sure what i am doing wrong.
  it worked once, but I am not sure what I did or why it's not working now.

  What happens when you strip the code down to the bear essentials and do something like
  <cfoutput>
  <object width="480" height="385">
  <param name="movie" value="#videoURL#"></param>
  <param name="allowFullScreen" value="true"></param>
  <param name="allowscriptaccess" value="always"></param>
  <embed src="#videoURL#" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed>
  </object>
  </cfoutput>

• HT1338 hi, my firefox and safari are both having difficulty loading certain parts of web pages. previous to this my firefox would freeze and state that a script was not responding. i would stop the script and reload the page and everything would be fine.

  hi, my firefox and safari are both having difficulty loading certain parts of web pages. previous to this my firefox would freeze and state that a script was not responding. i would stop the script and reload the page and everything would be fine. now though the pages just load very very slowly or load leaving out certain pictures and video content. i've tried clearing my cache's and cookies, resetting my browser etc, but it seems like its a system issue as both safari and firefox are having issues. i've run Avast to screen for malware and it came up empty. any suggestions?

  10.4.8's been a pain for Networking... not sure of all the reasons though, or whether all the complaints might not be MS working around Bugs/Non-compliance, but at this point I think you should get Applejack...
  http://www.versiontracker.com/dyn/moreinfo/macosx/19596
  After installing, boot holding down CMD+s, then when the prompt shows, type in...
  applejack AUTO
  Then let it do all 5 of it's things.
  Fixes a lot of problems, and besides, if your Mac ever gets to the point it won't Boot... this is a life saver!
  After you run that... let's see where we are.
  BTW, several ISPs seem to have trouble with their DNS Servers lately, might try these insead...
  208.67.222.222
  208.67.220.220

• How do I add PHP Script to an XHTML Page?

  I am tring to add a PHP script to my XTHML page in Dream
  Weaver. The tag starts <?php and ends ?>. I have uploaded the
  script on to another site which I use for testing and it shows the
  whole code not the intended presentation. I did read that the
  server should support PHP scripts..I have been trying to research
  it online however I have had no luck.
  I have also tried publishing it to a local folder and it
  still didn't work. I am really lost!!!
  I am very new to building websites in dreamweaver so laymens
  terms would be great!!
  Thanks so much!
  John

  1. are you adding the php script in design view or code view?
  2. is the file name a .php?
  3. does your server support php?
  Dan Mode
  --> Adobe Community Expert
  *Flash Helps*
  http://www.smithmediafusion.com/blog/?cat=11
  *THE online Radio*
  http://www.tornadostream.com
  <--check this
  *Must Read*
  http://www.smithmediafusion.com/blog
  "jbravo1224" <[email protected]> wrote in
  message
  news:f32956$fj7$[email protected]..
  >I am tring to add a PHP script to my XTHML page in Dream
  Weaver. The tag
  >starts
  > <?php and ends ?>. I have uploaded the script on
  to another site which I
  > use
  > for testing and it shows the whole code not the intended
  presentation. I
  > did
  > read that the server should support PHP scripts..I have
  been trying to
  > research
  > it online however I have had no luck.
  >
  > I have also tried publishing it to a local folder and it
  still didn't
  > work. I
  > am really lost!!!
  >
  > I am very new to building websites in dreamweaver so
  laymens terms would
  > be
  > great!!
  >
  > Thanks so much!
  >
  > John
  >

• Create a static HTML page from a CFM page

  How do I take the results of a dynamic CFM page and write it
  to a static HTML page.

  You can also use the CF administrator.
  Schedule the task. (Or just create the task to be hit by a
  call from a page.) When you set up the "task" Click Publish Save
  output to a file
  and assign the path you want it to write to. I do this for
  high volume front pages and have them created every few minutes to
  reduce the load on the sql and cf servers..

• How to make a variable global to use in all of my cfm page?

  I have a problem with the variables.
  i need to use a variable  " loginrecord" in all of my cfm pages, its created in my login.cfm and the value of this needed in other page and maybe i need to change it .
  in ASP simply we can use SESSION to make a variable global , is there any way in coldfusion ?
  also in ASP we have a command SESSION.SESSIONID ,  so return the unique number from browser and we can se it as a security check for each one of people login to our site and each one is seperate random and unique number , is there any similar in coldfusion ?
  Thanks
  Alireza

  Thanks,
  the reason at the moment i stock with this command is i need to have login information available in all the pages to check the security. the good point i had in ASP is SESSION.SESSIONID   , it make a unique number base on browser and i can check it if user loged in or no , or if loged in is the same user or other user . i couldnt find same command in coldfusion , and now i use <cflogin> but if i can find the way to have a browser session it help me in other part of my program.
  i start coldfusion new ( near a month ) i have some book and Lynda DVDs, also online sources , and in this priod i re developed one of my program from ASP to coldfusion and its work. i am happy of this and help me to develop better and faster . in compare the coldfusion developed one realy is 40% original development in size and 50% faster . i have good background of ASP in last 8 years include MCSD and developed many program for a small and big companies. but i wanna to continue with coldfusion because i found it more helpfull than ASP specialy in FLASH development .
  BTW thanks for your help

• Abort a failed process inside a .cfm page

  Hello everyone,
  I have been bothered by this for a while.
  I have a cfm page that is doing a process of extracting data
  and ftp to locationA. I have this running for about two years. Then
  there came the need to do the same process and ftp to locationB. I
  did not want to repeat the process, so I added ftp locationB at the
  end of the program, to use the same data file
  The process runs well all the time when I only had
  LocationA. The problem is locationB ftp server sometimes would
  close and not to let me connect. this would stall the whole process
  (I gues it was a rollback feature in cold fusion?), including the
  steps of ftp to locationA, even though locationA's connection was
  fine and open.
  Is there a way in Cold fusion pages to abandon a step that
  fails? In this case, I can put the code to ftp locationB in a
  template. If this template fail, go on to the the next line in the
  main page and not to quit the whole thing? I have seen this in
  other programming languages which have the "abort" function.
  Thanks in advance,

  I figured it out!
  Here is the code:
  <cftry>
  <cfftp action = "putfile"
  username = "anonymous"
  password = "mypassword"
  server = "clientserver"
  localFile = "c:/#filename#.xml"
  remoteFile = "/uploads/#filename#.xml"
  >
  <!--- <p>... other processing goes here --->
  <!--- specify the type of error for which we search
  --->
  <cfcatch type = "application">
  <!--- the message to display --->
  <h3>You've Thrown a Application
  <b>Error</b></h3>
  <cfoutput>
  <!--- and the diagnostic message from the ColdFusion
  server --->
  <p>#cfcatch.message#</p>
  <p>Caught an exception, type = #CFCATCH.TYPE#
  </p>
  </cfoutput>
  </cfcatch>
  </cftry>
  All I care is that the program does not stop because of the
  ftp error. I don't need the detail error message. Once I took out
  the lines in the example, it worked fine.

• Calling a Perl Script within a JSP page

  Can anyone suggest a technique for calling a Perl Script within a JSP page.
  Thanx
  Raymis

  Runtime.exec()
  URL.openConnection().connect()

• Protect a form submit cfm page

  How else to I protect a form submit cfm page to make sure the request only comes from pages in my own site?
  So far I have this
  <cfif Not cgi.REQUEST_METHOD eq "POST">
    <cflocation url="../index.cfm" addtoken="no">
  </cfif>

  We do the following in our application.cfm:
  <cfif isDefined("FORM.fieldNames") and len(FORM.fieldNames) and NOT reFindNoCase("^(http|https)://#CGI.HTTP_HOST#/",CGI.HTTP_REFERER)>
    <cfabort showerror="Forbidden Request - POST request denied.">
  </cfif>