Skip to content


Subversion checkout URL

You can clone with
Download ZIP
branch: master
Fetching contributors…

Cannot retrieve contributors at this time

executable file 108 lines (97 sloc) 5.439 kB
<!DOCTYPE html>
<html lang="en">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!-- Le styles -->
<link href="../assets/css/bootstrap.css" rel="stylesheet">
body {
padding-top: 60px; /* 60px to make the container go all the way to the bottom of the topbar */
<link href="../assets/css/bootstrap-responsive.css" rel="stylesheet">
<!-- Le HTML5 shim, for IE6-8 support of HTML5 elements -->
<!--[if lt IE 9]>
<script src=""></script>
<!--- <!-- Le fav and touch icons -->
<link rel="shortcut icon" href="../assets/ico/favicon.ico">
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="../assets/ico/apple-touch-icon-144-precomposed.png">
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="../assets/ico/apple-touch-icon-114-precomposed.png">
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="../assets/ico/apple-touch-icon-72-precomposed.png">
<link rel="apple-touch-icon-precomposed" href="../assets/ico/apple-touch-icon-57-precomposed.png"> --->
<cfinclude template="topmenu.cfm">
<div class="container-fluid">
<div class="row-fluid">
<cfinclude template="sidemenu.cfm">
<div class="span9">
<div class="hero-unit">
<p>Web Application Firewall for ColdFusion</p>
<p><a class="btn btn-info btn-large" href="">Learn more &raquo;</a></p>
<div class="row-fluid">
<div class="span4">
<p>The XSS Filter blocks several cross site scripting attack vectors. This filter returns multiple threat levels based on the possible presence of a cross site scripting request.</p>
<p><a class="btn btn-info" href="XSS.cfm">View examples &raquo;</a></p>
<div class="span4">
<h2>SQL Injection</h2>
<p>The SQL Injection Filter blocks against several SQL injection attack vectors.</p>
<p><a class="btn btn-info" href="SQLInjection.cfm">View examples &raquo;</a></p>
<div class="span4">
<h2>Session Hijacking</h2>
<p>This filter is used when session variables are turned on in your application. It can detect if a session suddenly changes user agents, and will block the request.</p>
<p><a class="btn btn-info" href="SessionHijacking.cfm">View examples &raquo;</a></p>
<div class="row-fluid">
<div class="span4">
<h2>URL Session ID</h2>
<p>This filter blocks requests that pass session id in the URL (such as cfid, cftoken, or jsessionid) as this may allow for session hijacking.</p>
<p><a class="btn btn-info" href="URLSessionID.cfm"">View examples &raquo;</a></p>
<div class="span4">
<h2>ID Validation Filter</h2>
<p>The ID Validation Filter has a simple concept but can be very effective in blocking many attacks. This filter inspects the value of variables whose name ends with id and ensures that they are a valid id. By default it allows any string containing alphanumeric characters, underscore, and dash. You can configure this filter to only allow integer id values, or UUID values created with CreateUUID. Consult the CFC reference for details.</p>
<p><a class="btn btn-info" href="ForeignPost.cfm">View examples &raquo;</a></p>
<div class="span4">
<h2>Malicious File Uploads</h2>
<p>This filter allows you to block or log requests in which a file upload takes place based on the file extension passed by the client. </p>
<p><a class="btn btn-info" href="MaliciousFileUploads.cfm">View examples &raquo;</a></p>
<p>&copy; Company 2012</p>
<!-- Le javascript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="../assets/js/jquery.js"></script>
<script src="../assets/js/bootstrap-transition.js"></script>
<script src="../assets/js/bootstrap-alert.js"></script>
<script src="../assets/js/bootstrap-modal.js"></script>
<script src="../assets/js/bootstrap-dropdown.js"></script>
<script src="../assets/js/bootstrap-scrollspy.js"></script>
<script src="../assets/js/bootstrap-tab.js"></script>
<script src="../assets/js/bootstrap-tooltip.js"></script>
<script src="../assets/js/bootstrap-popover.js"></script>
<script src="../assets/js/bootstrap-button.js"></script>
<script src="../assets/js/bootstrap-collapse.js"></script>
<script src="../assets/js/bootstrap-carousel.js"></script>
<script src="../assets/js/bootstrap-typeahead.js"></script>
Jump to Line
Something went wrong with that request. Please try again.