Hi everybody,
I currently have my SQL Server connection string in an
Application variable in the global.asa.
Could that be a security risk?
I have heard that with Cold Fusion, when there is a page error.... the
actual Connection String is written to the screen as part of the error
page....
I'm quite sure that would not occur in ASP but just wanted to be sure,
and get a few expert opinions....
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!