Hello, all,
Is anyone else, here, using the Portcullis CFC??
I've got a form that is submitting via AJaX, and as long as I have JavaScript stripping out malicious code, it works great. But if I disable the client-side validation/sanitization and allow Portcullis to detect malicious code, Portcullis is set to redirect to the root index page if it detects anything. (I have further server-side validation/sanitization, in case JS is disabled.)
Since my form is submitted via AJaX and uses output to display error/success messages to the DOM, Portcullis is loading the main page as the content to display within the DOM of the form page!!
I do NOT have the option of disabling or otherwise skirting using Portcullis. I've tried modifying the Application.cfc to check the cgi.http_referer - if a particular page is the referrer, don't redirect. It's redirecting, anyway.
Any solutions to this without disabling Portcullis?
V/r,
^_^