VerifyClient

Description

Requires remote invocations of the page or calls to functions on the page to include an encrypted security token.

Returns

Does not return a value.

Category

Security functions

Function syntax

VerifyClient()

See also

cffunction, Improving security in the Developing ColdFusion Applications

History

ColdFusion 8: Added this function.

Parameters

Does not take any parameters

Usage

Use this function to help prevent security attacks where an unauthorized party attempts to perform an action on the server, such as changing a password. As a general rule, use this feature for Ajax requests to the server to perform sensitive actions, such as updating passwords.

If you call this function, you must enable client management or session management in your application; otherwise, you do not get an error, but ColdFusion does not verify clients. Use this function only on pages that respond to client-side ColdFusion Ajax features, such as bind expressions. These features include code that correctly sends the security token when needed.