This content has been marked as final.
Show 2 replies
-
1. Re: Miscellaneous Changes
Charlie Arehart Mar 8, 2012 12:12 AM (in response to Community Help)About the last bullet, the language is a little unclear. But "does not generate the same", it seems you mean "does not generate the current URL as the action". That may be a bit more clear. What's not clear is what will be generated.. Might be helpful to indicate. Also, as for the jvm.config tweak, doesn't that need a - in front of the D?
-
2. Re: Miscellaneous Changes
Aaron Neff Oct 6, 2012 9:22 PM (in response to Community Help)The last bullet can be deleted. CF10 Final restored cfform's default form action. To prevent XSS, CF seemingly uses encodeForHTMLAttribute() on the CGI.SCRIPT_NAME portion and encodeForURL() on each URL param's name & value.
Thanks,
-Aaron



