ColdBox Framework: Should the fwreinit action be protected?


ColdBox Framework: Should the fwreinit action be protected?

Posted by Luis Majano
Dec 06, 2006 00:00:00 UTC
I have had some suggestions for the fwreinit flag to be protected in order to reinitialize the application at hand. What do you think? Is this overkill? The application reinitializes, but it does not crash. It just adds some extra cycles to the request in order to clear and reinit the app.

Please send me your comments, suggestions? Should an application reinit, be password protected?

Thanks,

Luis

 


Sana

Hi Luis,

I think it really important to keep our APP more secure. Why we allow site users to reinit our app. some users they just play with these kind of things and keep reinit app. In my app i am using onAppinit method to call global components + static data queriries and other global static info. so keep reinit the app cause some problem of server timeout and also whole system get very slow.

Thanks Sana

Rob Gonda

If you allow to set a init key and init password is enough. You can set it to a complex password which no user could guess. That's secure enough for me. p.s. this captcha text is really annoying. Check out Charlie's solution, also default in a latest version of blogCFC

Luis Majano

Thanks Rob!! You are the details man!! jeje.

Will take a look at it.

Site Updates

Entry Comments

Archives

Entries Search