Chris Shiflett, the author of Essential PHP Security posted a cool idea on his blog about secure forms. His idea was to have browsers show visually that a form action is secure (going to a HTTPS page). A good idea, I hope to see that implemented.
- HTTP Strict Transport Security - September 17, 2010
- Web Form Security and the Middle Man - May 17, 2006
- How To Scream Unsecured - May 2, 2006
- HackMyCF Adds SSL/TLS Scanner - May 27, 2015
- How to Get a Green SSL Certificate - November 18, 2009
Chris used to be a ColdFusion developer, and I had a great deal of respect for him before I knew he wrote for O'Reilly. I was completely blown away by him when he explained a MSIE security hole to me several years ago when I met him on a consulting detail. He also writes for the 2600 Hacker's Quarterly. Chris: Next time, Corky's Barbeque is on me!
Nice ICON ;)
- Why is my cron.daily script not running?
- Announcing FuseGuard Version 3
- CFSummit 2017
- Java Unlimited Strength Crypto Policy for Java 9 or 1.8.0_151
- Java 9 Security Enhancements
- Upcoming CFML Conferences in April 2017
- CFSummit 2016 Slides
- Securing Legacy CFML - dev.Objective() 2016 Slides