Saturday 04-02-2012
About Us | Contact Us | FAQ | Support | Links
Coldfusion Custom Tags, CFXs, CFCs, Full Applications and more!
< Built by ColdFusion Developers, for ColdFusion Developers > 		 
Home | Tag Categories | Latest Tags | Top Rated Tags | Top Selling Tags | My Account | Search | Sell Your Tags | Tags A-Z
TrimVars - Prevent XSS Flaws

TrimVars - Prevent XSS Flaws - cf_trimvars is a quick solution to trim and 'html escaped' structure variables, such as form and url variables.
Developer Name: Rizal Firmansyah
Company Name: MasRizal & Partners
Email Developer Email Developer:
Latest Version: 2.0
Price: $25
License: One copy per developer.
Encrypted: No
Average Rating:
Times Rated: 6
Rate This Tag:


Tag Comments

There are no comments for this tag yet!
 Related ColdFusion Applications
Developers who purchased TrimVars - Prevent XSS Flaws also purchased:
  1. CF_ProFlashUpload V1.7
  2. CFBB Forums
  3. CFX_HTTP5
  4. CF_Tab
  5. CF_RelatedSelectsControl
  6. CF_CalendarControl
  7. ZipDistance
  8. CF_UPSMX
  9. CFX_ListDir
  10. CF_FileManager V3.2 (Unencrypted)

What Is TrimVars - Prevent XSS Flaws?
cf_trimvars is a quick solution to trim and 'html escaped' structure variables, such as form and url variables.

By using this custom tag, not only you won't have to trim each and every variables manually, but also protect your code from cross site scripting (XSS) attack, cause you can set all URL and FORM variables to be escaped before sent to your application.
All of this can be done by simply adding 1 line in your Application.cfm.

Learn more about XSS vulnerability: http://www.aspectsecurity.com/topten/xss.html

This custom tag also support trimming structure inside of structure.
For example if you have a structure that contains recordsets, or another child structures,
this custom tag will recursively trim all variables inside them too.

This custom tag comes with a very low price.
I believe the price of this custom tag is less than an average 1 hour programmers rate.
But by using this custom tag, you save lots of your valuable time writing code to trim each and every variables.
And because of its very low price (esp. comparing your rate and effort to trim all variables),
i would like to give a license to use this tag is for "1 copy per developer".
That means each developer must purchase a copy of this custom tag for his/her own use.

*** DISCOUNT FOR CFTAGSTORE CUSTOMERS ***
Use promotion code: CFTAGSTORE to get 40% discount

cf_trimvars is a quick solution to trim and 'html escaped' structure variables, such as form and url variables.

*** Requirements:
ColdFusion 5, MX and up

*** Usage:
<cf_trimvars structure = "Structure containing variables to trim and html escaped- mandatory, default: form and url"
exclude = "list of variables not to be trimmed"
dontescape = "list of variables not to be html escaped">

*** Examples:
1. Trim and escape all URL and FORM variables. Just put below line in your application.cfm
<cf_trimvars structure="form,url">

2. Trim and escape all URL and FORM variables, except form.UploadFile as it contains uploaded file.
Put below line in your application.cfm
<cf_trimvars structure="form,url" exclude="UploadFile">

3. Trim and escape all URL and FORM variables, except form.UploadFile cause it contains uploaded file, and HTMLText cause it contains HTML tags.
Put below line in your application.cfm
<cf_trimvars structure="form,url" exclude="UploadFile" dontescape="HTMLText">

4. Trim query result.
<!--- query database for information --->
<cfquery name = "GetParks" dataSource = "cfsnippets">
SELECT PARKNAME, REGION, STATE
FROM Parks
</cfquery>
<cf_trimvars structure="GetParks">

*** Examples:
For a complete example, please click this link


 
< Business Strength Coldfusion Custom Tags >
Sitemap | Privacy | Branding | Web Services | Support | Contact Us