2 Replies Latest reply: Oct 6, 2012 9:22 PM by Aaron Neff RSS

    Miscellaneous Changes

    Community Help Community Member
    Community Help Mar 8, 2012 12:12 AM

      This question was posted in response to the following article: http://help.adobe.com/en_US/ColdFusion/10.0/Developing/WSe61e35da8d3185183e145c0d1353e31f5 59-7ff7.html

      • 894 Views
      • Tags:
        • 1. Re:  Miscellaneous Changes
          Charlie Arehart CommunityMVP
          Charlie Arehart Mar 8, 2012 12:12 AM (in response to Community Help)

          About the last bullet, the language is a little unclear. But "does not generate the same", it seems you mean "does not generate the current URL as the action". That may be a bit more clear. What's not clear is what will be generated.. Might be helpful to indicate. Also, as for the jvm.config tweak, doesn't that need a - in front of the D?

          • 2. Re:  Miscellaneous Changes
            Aaron Neff CommunityMVP
            Aaron Neff Oct 6, 2012 9:22 PM (in response to Community Help)

            The last bullet can be deleted.  CF10 Final restored cfform's default form action.  To prevent XSS, CF seemingly uses encodeForHTMLAttribute() on the CGI.SCRIPT_NAME portion and encodeForURL() on each URL param's name & value.

             

            Thanks,

            -Aaron