Dec 30
In this show we talk about the past year. We talk about our contest for the prize you can't buy. Only 2 days left to enter. We discuss the issues we encountered when we launched our new Mango Blog powered site. Then an intense discussion breaks out about Adobe and the CFML Advisory Committee.
Show Topic Links:
http://corfield.org/blog/index.cfm/do/blog.entry/entry/Improving_CFSCRIPT
Jan 3, 2010 at 9:46 PM First off I have to say that I'm glad that you made it to 35 shows and that you keep it up for the next year. You have the best CF podcast out there!
I love shows like these!!! I love when you two debate! It just shows how much smarter Mike is than Dave. Every time that I listen to Dave I'm so happy that I don't have to work with a guy like him. He is knowledgeable about CF and maybe about one other technology but he is very closed-minded and not very bright when it comes to the business side of things. I guess that goes without saying since he has been at the same company for almost ten years and hasn't made it to at least the Director level yet.
P.S. What's with the yawning during the show? Both of you need to respect your listeners more. If you're tired don't do the show! Just wait until you're both awake.
P.S.S - Can you talk more about Security? Perhaps get Jason Dean (12robots) on the show. We just underwent a huge security audit and the way that CF handles the url.CFID and url.CFToken makes it super easy to steal someone's session. Most of your listeners I'm sure don't know this and they need to take steps to prevent this.
Jan 3, 2010 at 11:04 PM @Cesar
I apologize for the yawning. We have to record the show early in the morning before work. We are tired because, well, we are programmers. We stay up late doing work then get up early to do work. I am usually the one yawning so it is mostly my fault.
Good idea about security. Let me reach out to Jason and see if he is up for it. Session hijacking in CF is very easy. However, there are ways to combat it.
I'll save the rest of my comments for show #36.
--Dave
Jan 4, 2010 at 6:46 AM I agree...I like the show, but get really turned off with the yawning. I have even stopped listening at some points because of it. It just sends off the wrong vibe and feel about CF. Also, is there anything you can do with the audio levels...so many highs and lows.
Jan 4, 2010 at 7:17 PM Yes, congratulations very much on making it to your #35 episode. I usually listen to your commentaries at work and on the train. First found you out through iTunes, and have been checking it out ever since. I don't actually program full-time, so it's nice to hear some tips from y'all folks that do. I found the yawning to be quite hilarious, but if it's bugging some people I guess there's always a mute? Much props for being willing to churn out a recording that early in the morning at any rate. I know I couldn't do it.
Thanks for mailing out the Railo bling!
Jan 4, 2010 at 10:09 PM Dave -
I can't wait to hear your comments and look forward to the show... Thanks for not taking my comments too hard; I'm just trying to be constructive.
I can't wait to hear how you and your team prevent session hijacking. Jason Dean posts a lot of scenarios to prevent this but never really presents a finished solution. I've even heard of CFers storing CFIDs and CFToken information in a session table in the database (similar to what .NET does) to prevent this and generate unique values on authentication and logout. But I would like to hear your approach and solutions for handling this on an enterprise-level application.