Working With Event Gateways: cf.Objective 2012 Code and Slides

If you've been doing CF for a while chances are you've seen a presentation or two on event gateways. Generally they rehash what is covered in the documentation and walk through a few examples of configuring and using the event gateways that ship with ColdFusion. Maybe the presenter demos the directory watcher gateway or a fancy chat application using the Flash messaging gateways. Cool stuff, but I've never really seen anyone present on building custom event gateways. So for my Working With Event Gateways presentation at this year's cf.Objective I decided to share the process I went through to build a new event gateway that allows you to subscribe to a Redis pub/sub channel.

Anyway, I don't know how successful my approach was, but I've included my slides as an attachment to this post and the code for the event gateway is now on GitHub for those who are interested. The slides are very minimal so if you have questions please feel free to ask.

Thanks to everyone who attended.

HTTP for CF Developers: cf.Objective 2012 Code

The code I used for my cf.Objective() presentation HTTP for CF Developers is now up on GitHub.

Thanks to everyone who attended my session. I hope you enjoyed it and learned as much as I did putting it together. Also, if you attended my session and haven't fill out your evaluation you can still do so here.

Introducing A New Validation Framework, OK!

Today I released a new ColdFusion 9 ORM entity validation framework named OK!. This framework grew out of my attempt to use Hyrule in a large FW/1 Mura plugin. I really liked Hyrule, but I ran into a few issues with the framework and OK! is an attempt to address those issues.

OK! works very much like Hyrule, except it:

  • supports nested validation,
  • supports component level validation,
  • has better custom rule integration,
  • and supports all IsValid() validation rules including regular expressions.

Documentation is still a work in progress but there are plenty of examples of how to use the framework in the /tests directory. Please check it out and let me know what you think.

New Version of ColdFusion WebSocket Gateway

Today I finally got around to updating my cf-websocket-gateway project. This version is based on the Webbit WebSocket server, which is itself based on the Netty project. I made this change because the Java-Websocket server I was using was not being updated and Webbit is a very nice WebSocket server that supports the latest versions of the WebSocket specifications and thus works with the latest versions of Chrome, Safari, etc.

Of course, shortly after migrating to Webbit, Java-Websocket was updated to support the latest WebSocket specifications so if you would like to continue to use that server as the underlying engine for your gateway check out the java-websocket branch on Github.

I should note that the API has changed with this release. If you have existing listener CFCs that use the onClientOpen and onClientClose listener methods those should be renamed to simply onOpen and onClose. Once that change is made your existing listeners should work with version of the gateway. As always, please report any issues on the Github project page.

Secure CFCOOKIE Security Consideration

Last night I gave a presentation to my local Philly CFUG, part of which covered the creation of cookies from ColdFusion. In the course of presenting I "discovered" that it is possible to set secure cookies in response to a non-secure request.

<cfcookie name="mycookie" value="yum" secure="true"/>

Now, the browser will not send that cookie on subsequent requests if you are not using a secure connection, however, if the cookie was set on a non-secure page the value of that cookie has already been exposed to potential hijacking.

The Lesson Learned

If you are using cfcookie with the secure attribute, make sure you are doing so over a secure connection or you may be leaving yourself vulnerable to cookie hijacking.

Issue with ColdFusion’s Built In Solr on Mac

I recently ran into an issue with ColdFusion's built in Solr search server where, while running Solr on Mac OS 10.6, Solr would unexpectedly crash. I was using a custom schema and attempting to use Solr's data import handler so I thought they may have had something to do with my problem. After some more testing I found that, even while using the stock schema provided by ColdFusion, Solr would crash under relatively light load. More testing and a fair amount of swearing eventually lead me to the -XX:+AggressiveOpts JVM argument. The Solr startup script used by ColdFusion on the Mac, cfsolr, sets this JVM argument.

I wasn't familiar with this argument so I had to go look it up. According to Oracle's documentation, you use the -XX:+AggressiveOpts option to "turn on point performance compiler optimizations that are expected to be default in upcoming releases." To be honest I'm not entirely sure what the "point performance compiler optimizations" are, but being wary of anything labeled aggressive I decided to remove this option and see what happened.

I ran my tests again and everything seemed to work. Solr was able to handle the load from my tests and the data import handler began working with my custom schema. I was back in business.

After making this discovery I'm still a little concerned as I'm not sure why the -XX:+AggressiveOpt was being used in the first place, but since I'm not running OS X in production I'm fine with making this adjustment on laptop for development. I'd definitely be interested to see if others have run into this issue or to find out more about the -XX:+AggressiveOpts JVM argument.

cf-spreadsheet-taglib

Today I threw together a quick custom tag library for ColdFusion 9 which allows you to build Excel spreadsheets using syntax similar to HTML tables. Right now it is very basic but I plan to expand on it as needed. You can check it out on GitHub.

ColdFire Update

ColdFire has been updated to work with Firefox 4/Firebug 1.7. This is an Add-on update only, so no need to update the server bits with this release. As always report any issues on the RIAForge bug tracker.

On Null

I'm finally doing a lot of work with CF 9's ORM and I'm finding that dealing with null values in CFML can be quite a pain, especially when working with relationships. One thing that comes up quite a bit is iterating over child collections. ColdFusion goes out of it's way to shield developers from null values, yet when an entity has an empty collection ColdFusion returns a null. (Long time user of CFML would likely expect an empty array here, similar to how <cfquery> returns and empty string for null values, but this is not the case.) This means I end up doing something like this quite a bit:

[More]

Quick Tip: cffile action=”append” in cfscript

So this is old news - like ColdFuison 8 old news - but I've only started to use cfscript heavily with ColdFusion 9 so I just ran into this today. If you need to append to a file in cfscript you first need to use FileOpen() to open a file object in the append mode.

fileObj = FileOpen("/path/to/myfile.txt","append");

Then you can append to the file using FileWrite():

FileWrite( fileObj, "What ever is here gets appended.");

Note that unlike the default behavior of <cffile action="append"> FileWrite() does not append a newline character to text written to file.

Appending to a file isn't documented on the FileWrite() documentation for either ColdFusion 8 or ColdFuison 9, and the documentation does not list FileOpen() in the See Also section, so this took me a lot longer to figure out than it should have. Anyway, I hope this helps others making the transition from tag based to script based CFML.

More Entries

BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.