ColdFire 1.6 Update

Just a quick post to let folks know I've released an update for ColdFire 1.6 that fixes an issue changing ColdFire views when Firebug is detached from the main browser window. I advise all ColdFire users to update, even you are not seeing this issue, as the initial ColdFire 1.6 release was using an obsolete Firebug API and silently throwing errors. This is a Firebug extension update only so there is no need to update any of the ColdFire templates on the server.

Thanks to ColdFire user Rob Barthle for reporting this issue and taking the time to put together a screencast so I could easily see the problem.

ColdFire Update

Yesterday the Firebug team released Firebug 1.6. This version has quite a few updates and bugfixes, but there was also some refactoring done to core components that broke ColdFire. Luckily the Firebug team does a good job with branching in their SVN repo so it was easy enough to compare Firebug 1.5 to 1.6 and make the necessary updates to ColdFire. So, if you have updated to Firebug 1.6 and noticed that ColdFire stopped working, go download the new ColdFire 1.6 and you should be good to go. Note that this release only updated the ColdFire Firebug extension so there should be no need to update any of the ColdFire debugging templates on your ColdFusion servers. As always, if you have any issues please report them on the RIAForge project page.

Solr Indexing of ORM Entities: SolrEntity

ColdFusion 9 introduced two new features, Hibernate based ORM and Solr full text search indexing, however using the two together never seemed as easy as it could be. In the Java world you have Hibernate Search or the SolrJ client, both of which allow you to easily include an entity in a Lucene/Solr search index via simple annotations. Taking those projects as inspiration I came up with SolrEntity, a base component that implements ColdFusion ORM event handler methods to manage indexing of an entity via simple annotations (custom metadata attributes).

[More]

Another cf-websocket-gateway Update

I just released version 1.2 of cf-websocket-gateway. This is a bug fix release which addresses I/O issues in the underlying Java-WebSocket server. If you are using cf-websocket-gateway I highly recommend updating to this latest version.

New cf-websocket-gateway Released

I've released a new version of cf-websocket-gateway which allows for targeted messaging. In the first release, messages were sent to all connected WebSocket clients. With this release you can now send messages to a single client or sets of clients. For more information see the github wiki.

I've also upload three sample applications that show how to use the WebSocket gateway with Flash fallback for browsers that do not support WebSockets. The examples are available in the v.1.1 download.

ImageCrop: The rectangular crop area must not be outside the image

Today I was resizing and cropping some images with ColdFusion when I ran into the following issue. After resizing the image using ImageScaleToFit(), ImageCrop() would throw an error stating that "The rectangular crop area must not be outside the image." I was able to confirm that the crop area was not outside of the image, so I was a little perplexed. Then I found the following listed as a known JAI bug:

[More]

WebSockets with ColdFusion

Today I released a ColdFusion WebSocket Gateway on RIAForge and Github. The name pretty much says it all. It is a event gateway for messaging between ColdFusion and conforming clients via the WebSocket protocol. The gateway is based on Nathan Rajlich's Java-WebSocket server implementation, which I updated to support both WebSocket draft 75 and draft 76 clients. For more info on how to install and use this gateway see the Github wiki page.

[More]

OpenID4CF Updated To Fix Potential Security Issue

Last week I gave a 30 minute introduction to OpenID at our monthly developer tech talk lunch. Soon after the talk my co-worker Tim Allen sent me this article on a recently discovered security vulnerability in most open source OpenID implementations.

I was particularly interested because I maintain OpenID4CF, which is based on the OpenID4Java library. So I did a little more research into the issue and asked about it on the OpenID4Java mailing list. As it turns out OpenID4Java is potentially vulnerable to this attack, but a user on the list was able to give some advice on how to patch the library based on a fix committed to JOpenID.

Now I don't really know how exploitable this vulnerability is, but given how simple the fix was I went ahead and patched the fork of OpenID4Java I package for OpenID4CF and posted it to RIAForge. Hopefully OpenID4Java will be patched shortly, but in the meantime you can use the version I include with OpenID4CF if you want to protect against this potential vulnerability.

Listening for CFTREE data loaded events

Last week Ray Camden asked if it was possible to listen for data loaded events with CFTREE. I had done some work with CFTREE in the past and I knew something like this should be possible. After some quick investigation I put together a quick and dirty example to show how you could be notified when new nodes are loaded for a tree.

[More]

Adobe ColdFusion Anthology

Just a quick post to let people know that the Adobe ColdFusion Anthology was released today by Apress. The book has tons of excellent content from the Fusion Authority Quarterly Update, including my article "Web Services and Complex Types."

More Entries

BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.