Jayesh Viradiya is one of the ColdFusion engineers. In his article he is explaining ORM capability for SQLite in AIR.
Here is his new article on the Adobe Developer Center about it.
Friday, July 30, 2010
New Article on Building ColdFusion applications using Java
Vinu Kumar is one of the ColdFusion engineers. He has written a demo application explaining how to deploy ColdFusion in JBoss and about developing ColdFusion applications with Java. His sample application, a travel website, demonstrates how to rewrite your JSP to CFML pages and access Java code from your CFML pages. It also shows you how to write portlets for the JBoss portal and embed the sample application in the portal.
He's got a new article on the Adobe Developer Center about it. Check it out.
He's got a new article on the Adobe Developer Center about it. Check it out.
Wednesday, July 28, 2010
ColdFusion Session cookies & HttpOnly
With ColdFusion 901 release now ColdFusion Session Cookies can be marked HttpOnly. This reduces the chance of session information being compromised on Cross Site Scripting (XSS) attack.
To mark these session Cookies (CFID, CFTOKEN, jsessionid HttpOnly), add the following jvm property -
coldfusion.sessioncookie.httponly=true
Currently there is a limitation on JBoss/Tomcat for marking jsessionid cookie as httponly.
Any other ColdFusion cookies can be marked as HttpOnly by using "httponly" attriibute of cfcookie tag.
To mark these session Cookies (CFID, CFTOKEN, jsessionid HttpOnly), add the following jvm property -
coldfusion.sessioncookie.httponly=true
Currently there is a limitation on JBoss/Tomcat for marking jsessionid cookie as httponly.
Any other ColdFusion cookies can be marked as HttpOnly by using "httponly" attriibute of cfcookie tag.
Subscribe to:
Posts (Atom)