Friday, July 30, 2010

New Article on ColdFusion 9.0.1 ActionScript ORM Library

Jayesh Viradiya is one of the ColdFusion engineers.  In his article he is explaining  ORM capability for SQLite in AIR. 


Here is his new article on the Adobe Developer Center about it. 

New Article on Building ColdFusion applications using Java


Vinu Kumar is one of the ColdFusion engineers. He has written a demo application explaining how to deploy ColdFusion in JBoss and about developing ColdFusion applications with Java. His sample application, a travel website, demonstrates how to rewrite your JSP to CFML pages and access Java code from your CFML pages. It also shows you how to write portlets for the JBoss portal and embed the sample application in the portal.  


He's got a new article on the Adobe Developer Center about it. Check it out.

Wednesday, July 28, 2010

ColdFusion Session cookies & HttpOnly

With ColdFusion 901  release now ColdFusion Session Cookies can be marked HttpOnly.  This reduces the chance of session information being compromised on Cross Site Scripting (XSS) attack.
To mark these session Cookies (CFID, CFTOKEN, jsessionid HttpOnly), add the following jvm property -

coldfusion.sessioncookie.httponly=true

Currently there is a limitation on JBoss/Tomcat for marking jsessionid cookie as httponly.

Any other ColdFusion cookies can be marked as HttpOnly by using "httponly" attriibute of cfcookie tag.

Sameeksha

Sameeksha means, "Abstract". It also means, "Analysis"