Hi to all, I’m in the need to pass an URL as an argument to cfexecute and the URL will be set by anoynmous user inputs. Because of that I need to sanitize/check that URL to prevent any malicious CMD injections. I know SQL-injection-prevention with cfqueryparam, but is there any similar way to do that with cfexecute arguments? Would the function IsValid(“url”, userinput.url) be sufficient in that case? What else should I consider? Thanks in advance for any tips!
You can do some type checking on the URL variables with cfparam
Going to look into this. Thanks for the tip!