From Adobe ColdFusion 11 Security Technical Implementation Guide
Part of SRG-APP-000015-AS-000010
Associated with: CCI-001453
Protecting data being sent to the PDF Service for PDF document creation protects the data from being read or modified before the document is created and returned to the requesting application. This protection can be implemented by using https over the plaintext transport protocol of http.
Access the "PDF Service" page under the "Data & Services" menu within the Administrator Console. If there are no PDF Service Managers defined, the finding is not applicable. If any PDF Service Managers listed have "Https Enabled" set to "NO", this is a finding.
If there are no PDF Service Managers in use, the finding is not applicable. Access the "PDF Service" page under the "Data & Services" menu within the Administrator Console. Edit each service and check the "Https Enabled" option.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer