Smart Category: ColdFusion (rss)
1 | Next Page

ColdFusion cfinvokeargument bug

Apr 23, 2014 2:31 PM
Rating: (Total Clicks 6)

A coworker and I were debugging some old code yesterday and couldn't believe what we came across. Say you have a component and and in a method for whatever reason you were using cfinvoke to call another method. In this case we have a variable called ... (translate)

Adobe Product Security Incident Response Team (PSIRT) On ColdFusion And HeartBleed

Apr 17, 2014 4:37 AM
Rating: (Total Clicks 32)

The world is abuzz with the OpenSSL "heartbleed" bug and the ColdFusion community has also been going 'round about it too. Firstly, a server (like Apache, Nginx, Tomcat, etc) can be exploited by a client on a hackers machine requesting an SSL connection. In addition, a client (CURL, wget, CFHTTP, etc) can be exploited if connecting to a malicious SSL endpoint. So basically, the bug has the ability to flow both ways. For most CF sites, they are using IIS, Apache, or Nginx to serve content so ColdFusion has no bearing on the vulnerability from that end. Any CFML application, (translate)

New PDF Ref Card: Building ColdFusion REST APIs

Apr 15, 2014 1:23 PM
Rating: (Total Clicks 16)

We have just released a new getting started reference cards, ColdBox REST APIs. This will give you quick overview of everything you need to get started building ColdFusion REST APIs based on ColdBox's simple MVC conventions and URL routing. Download it here and give it a read: WireBox Ref Card (translate)

Upcoming ColdFusion Seminars

Apr 11, 2014 12:52 PM
Rating: (Total Clicks 19)

With the next major version of ColdFusion now in public beta, the ColdFusion team is hosting a series of online seminars. (translate)

Adobe ColdFusion Summit 2014

Apr 10, 2014 10:44 PM
Rating: (Total Clicks 23)

Finally!!  I've been waiting a very long time to publicly announce all the details of CF Summit 2014 and here it is! We are pleased to officially announce the next Adobe ColdFusion Summit to be held October 16th and 17th at Aria Resort & Casino, Las Vegas, Nevada.  It's going to be even better than last year and pricing remains very low at $299 early bird rate through July! When: October 16th & 17th, 2014 Where: Aria Resort & Casino, Las Vegas, Nevada Pricing: $299 early bird rate until July 31, 2014.   Standard rate is $399 from August 1, 2014 Room Rate: $149/nt   Registration is (translate)

Recording and demos from my ColdFusion 11 presentation

Apr 10, 2014 3:21 PM
Rating: (Total Clicks 29)

Thanks to the Salt Lake City UG for allowing me to present to them last night. You can watch a recording of the presentation via the link below. I've also attached a zip of the demo files. Recording URL: (translate)

getSafeHTML and ColdFusion 11

Apr 10, 2014 5:21 AM
Rating: (Total Clicks 25)

One of the cooler new features in the next version of ColdFusion is getSafeHTML. I had seen this mentioned a few times already but it never really clicked in my brain what it was doing. getSafeHTML makes use of the AntiSamy project. It takes user-generated content and replaces unsafe HTML. What is safe and what isn't? It is totally up to you. The functionality is driven by an XML file (a very complex XML file) that lets you get as granular as you want. Want to support the bold tag but not italics? Fine. Want to support colors for CSS (translate)

Upcoming ColdFusion E-Seminars

Apr 9, 2014 7:21 PM
Rating: (Total Clicks 29)

Just a quick FYI to let you know about some upcoming ColdFusion e-seminars. These are online presentations open to the public. Public Beta E-seminar: Everything about Mobile Application Development and ColdFusion Splendor - April 10 Public Beta E-seminar: Delicious Language Enhancements in ColdFusion Splendor - April 17 Public Beta E-seminar: Pixel Perfect PDFs in ColdFusion Splendor - April 24 (translate)

Security Enhancements in ColdFusion Splendor - PBKDF2 and AntiSamy

Apr 9, 2014 1:24 PM
Rating: (Total Clicks 26)

ColdFusion 11 added few more security functions to the rich set of coldfusion security functions. Some of them includes protection against XSS using AntiSamy framework, PBKDF2 key derivation etc. In this blog post we will introduce you to the Antisamy and PBKDF2 key derivation functions added in coldfusion Splendor. AntiSamy Support: If there is a need to accept HTML/CSS input from the user then there is high possibility that the input containing XSS. In this case We can not use encoding functions as the HTML/CSS as the input need to be rendered by the browser. AntiSamy API provides an input (translate)

This is not the function you are looking for

Apr 8, 2014 2:27 PM
Rating: (Total Clicks 28)

Yesterday I was doing some editing on the CFML Reference wiki when I ran across a function that is - as far as I know - one of the most misused functions in ColdFusion. What function is that? listContains. To be clear, listContains is not buggy. It works 100% as advertised. But in the 15 or so years I've used ColdFusion I have not seen one person use it the right way. Simply put, listContains searches a list for partial matches. So for example, given a list of: ray,scott,dave,adam,data. You want to see if the list of names includes ada. (translate)

1 | Next Page