Chris Shiflett, the author of Essential PHP Security posted a cool idea on his blog about secure forms. His idea was to have browsers show visually that a form action is secure (going to a HTTPS page). A good idea, I hope to see that implemented.
- HTTP Strict Transport Security - September 17, 2010
- Web Form Security and the Middle Man - May 17, 2006
- How To Scream Unsecured - May 2, 2006
- How to Resolve Java HTTPS Exceptions - November 21, 2018
- HackMyCF Adds SSL/TLS Scanner - May 27, 2015
Chris used to be a ColdFusion developer, and I had a great deal of respect for him before I knew he wrote for O'Reilly. I was completely blown away by him when he explained a MSIE security hole to me several years ago when I met him on a consulting detail. He also writes for the 2600 Hacker's Quarterly. Chris: Next time, Corky's Barbeque is on me!
Nice ICON ;)
- Redirect www and non https in IIS using web.config
- Not authorized to perform: ssm:GetParameters
- What is the difference between ASCII Chr(10) and Chr(13)
- Fixinator and Foundeo Security Bundle
- Running CFML on AWS Lambda with FuseLess Slides
- Updating Java on ColdFusion or Lucee
- ColdFusion returning empty response with server-error: true
- Careful applying CF11u16, CF2016u8, CF2018u2