Portcullis - SQL Injection and XSS Filter

Author: John Mason
Last Updated: May 10, 2008 6:41 PM
Version: 1.0.3
Views: 275
Downloads: 53
License: Apache License, Version 2

Description:

Portcullis is a CFC-based URL, form and cookie filter to help protect against SQL injection and XSS (cross-site scripting) attacks. This CFC can help filter input, strip tags and escape HTML based on internal settings. It can also log attacks and temporarily block future attempts based on a set time limit. Portcullis can be installed into any ColdFusion application as a simple shared-scope singleton.

1.0.2 (4/23/2008) - First public release
1.0.3 (5/10/2008) - Added CRLF defense, HttpOnly for cookies, a function to remove individual IPs from the log, and a new escapeChars function that replaces htmlEditFormat(), which does not catch everything.

Requirements:

ColdFusion 6, 7 or 8