Posts Tagged coldfusion

Never output anything to a browser without using a formatting filter

Cross-site scripting (XSS) vulnerabilities can be quite a serious problem if you’re not careful. And if you’re using a framework like CFWheels, you need to be extra careful to protect your output from rendering malicious content.

In this post, I suggest that you must always use a formatting function like EncodeForHtml, DateFormat, or NumberFormat when outputting any dynamic value.


iCRM SDK Released as Open Source

Today, we’re excited to release iCRM SDK, our ColdFusion wrapper for the Infusionsoft® API on GitHub. We’re excited to release some code that’s been very useful to Liquifusion Studios as a gift to the open source community.


Super-Slow ColdFusion Image Processing

I was excited to finally take some time to add the ability for people to upload screenshots in the CFWheels Site Directory when I ran into a big problem. But when I started sending large screenshots to ColdFusion’s ImageScaleToWidth(), it would take 30+ seconds to do the processing. Unacceptable.


Full CFScript CFCs Aren’t Yet Where They Need To Be

A few months ago, I blogged about my excitement about the role that full script CFCs could have in an MVC stack, particularly with CFWheels. In my excitement to try out the new feature, I had spent much of a Saturday manually converting all of my components into CFScript components in a project that I am working on.

Unfortunately, the CFScript part of ColdFusion isn’t quite where it needs to be yet.


A Rally Cry for ColdFusion

These are exciting times for ColdFusion. We have open source alternatives. Adobe just released their first shot at an official ColdFusion IDE, and they’ve even included Flash Builder in the package for free.

I’ve seen people comment that Adobe needs to promote and advertise ColdFusion more heavily. I think that this is a problem. While they are responsible for advertising and promotion to a degree, we must acknowledge that they’ve invested a lot into creating great tools for us to use and take some of the responsibility into our own hands.
