I am trying to figure out why this rule is not working. I have a preview url for products so that internally people can check out a preview before it goes live. The url looks something like this below where product is the handler and preview is the action
index.cfm/product/preview?pid=3628
I thought this rule would whitelist the preview action but it is not, what is wrong with this?
solitary:security\..*,docs\..*,product\preview \..* admin,author security/login falseI thought the handler had to be in the form of ,product\.preview
(thats per the doc, dunno why because without the . feels more
natural)
Normal regex rules apply. Looks like Don Q has identified the issue that a period is missing.
You may want to install this Eclipse Plugin (http://myregexp.com/eclipsePlugin.html). It helps me quick validate the RegEx rules in situations like this.
Please let me know your status.
Thanks,
Aaron
What would be really cool is an eclipse / cfbuilder plugin that can
introspec ColdBox handlers and give a gui walk-through for building
the security interceptor rules.
(you guessed it, I don't know regex)