The cumulative hot fix for ColdFusion 9 is now available. 

http://kb2.adobe.com/cps/825/cpsid_82536.html

An important vulnerability has been identified in BlazeDS 3.2 and earlier versions. The issue affects ColdFusion 7.0.2, ColdFusion 8.0, ColdFusion 8.1, ColdFusion 9.0 and LiveCycle 9.0, 8.2.1 and 8.0.1.

All ColdFusion users: make sure to read the ColdFusion Technote at http://kb2.adobe.com/cps/822/cpsid_82241.html

The related security bulletin is at http://www.adobe.com/support/security/bulletins/apsb10-05.html

 

Flash Remoting has been revamped in ColdFusion 9. As a result, you will notice a few changes to the XML configuration files under the WEB-INF/flex directory.

The services-config.xml file now includes the remoting-config.xml, messaging-config.xml and proxy-config.xml files. The channel definitions can be found in services-config.xml and the destinations can be found in remoting-config.xml. Just to add again, BlazeDS is integrated by default with ColdFusion 9.

It is important to note the changes in the XML files if you wish to migrate your old destination or channel definitions to ColdFusion 9. If you do not wish to migrate, the new Flash Remoting just works for you with the files shipped with ColdFusion 9.

1. All the ColdFusion-specific tags such as <access>, <use-accessor>, etc. have been moved from the definition of the destination to the definition of the channel. A new <coldfusion> tag has been added under the channel-definition tag in services-config.xml. You will find these CF-specific tags under the <coldfusion> tag.

2. The <instantiate-types> tag under the <serialization> tag under the channel-definition tag is no longer required and has to be removed.

3. The <enable-small-messages> tag under the serialization tag has to be set to false. This tag has to be added under the serialization tag of the channel.

<serialization>

                    <enable-small-messages>false</enable-small-messages>

</serialization>

It is important to set the enable-small-messages setting to false for the new Flash Remoting in ColdFusion 9 to work.

In case you are creating the channel set yourself from the ActionScript code, make sure to set the enableSmallMessages property on AMFChannel to false.

<mx:AMFChannel enableSmallMessages="false" …>

4. The Endpoint classes for ColdFusion 9 under the channel-definition tag in services-config.xml files have been changed. Here’s the list of new Endpoint classes.

Channel-definition ID  : my-cfamf  and cf-polling-amf                    

New Endpoint class in ColdFusion 9: coldfusion.flash.messaging.CFAMFEndPoint
old Endpoint class : flex.messaging.endpoints.AMFEndpoint

Channel-definition ID  : my-cfamf-secure                      

New Endpoint class in ColdFusion 9: coldfusion.flash.messaging.SecureCFAMFEndPoint
old Endpoint class : flex.messaging.endpoints.SecureAMFEndpoint

Channel-definition ID  : cf-rtmp (works only with LCDS)                     

New Endpoint class in ColdFusion 9: coldfusion.flash.messaging.CFRTMPEndPoint
old Endpoint class : flex.messaging.endpoints.RTMPEndpoint
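As an added illustration (not from the original post or from Adobe), the four changes above can be checked mechanically against a configuration you plan to migrate. The sample XML is constructed and simplified, the finding names are invented for this example, and `use-accessor` is matched as a prefix because that is how the post names the tag.

```python
import xml.etree.ElementTree as ET

# Channel id -> new ColdFusion 9 endpoint class, as listed in the post.
NEW_ENDPOINTS = {
    "my-cfamf": "coldfusion.flash.messaging.CFAMFEndPoint",
    "cf-polling-amf": "coldfusion.flash.messaging.CFAMFEndPoint",
    "my-cfamf-secure": "coldfusion.flash.messaging.SecureCFAMFEndPoint",
    "cf-rtmp": "coldfusion.flash.messaging.CFRTMPEndPoint",
}

# Constructed old-style sample (not a shipped file): destination and channel in one document.
OLD_CONFIG = """<services-config>
  <destination id="ColdFusion">
    <properties><source>*</source><access><use-mappings>true</use-mappings></access></properties>
  </destination>
  <channel-definition id="my-cfamf" class="mx.messaging.channels.AMFChannel">
    <endpoint uri="http://{server.name}:{server.port}{context.root}/flex2gateway/"
              class="flex.messaging.endpoints.AMFEndpoint"/>
    <properties><serialization><instantiate-types>false</instantiate-types></serialization></properties>
  </channel-definition>
</services-config>"""

def check_migration(xml_text):
    """Return sorted (element id, finding) pairs for the four changes in the post."""
    root = ET.fromstring(xml_text)
    findings = []
    for dest in root.iter("destination"):
        # Change 1: CF-specific tags no longer belong to the destination.
        if any(e.tag == "access" or e.tag.startswith("use-accessor") for e in dest.iter()):
            findings.append((dest.get("id"), "cf-tags-in-destination"))
    for ch in root.iter("channel-definition"):
        cid = ch.get("id")
        if ch.find(".//coldfusion") is None:
            findings.append((cid, "missing-coldfusion-block"))
        # Change 2: <instantiate-types> must be removed from <serialization>.
        if ch.find(".//serialization/instantiate-types") is not None:
            findings.append((cid, "instantiate-types-present"))
        # Change 3: <enable-small-messages> must be present and set to false.
        small = ch.findtext(".//serialization/enable-small-messages", default="")
        if small.strip().lower() != "false":
            findings.append((cid, "small-messages-not-false"))
        # Change 4: known channel ids must use the new endpoint class.
        ep = ch.find("endpoint")
        expected = NEW_ENDPOINTS.get(cid)
        if expected and (ep is None or ep.get("class") != expected):
            findings.append((cid, "old-endpoint-class"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in check_migration(OLD_CONFIG):
        print(finding)
```

Run it against a copy of your own services-config.xml text; an empty list means none of the four migration issues were found.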

 

Take a look at the ColdFusion 9 Developer Guide for more information. 

To maintain backward compatibility, the old xml files from ColdFusion 8 just work with ColdFusion 9 as well. It is just that you will continue to use old flash remoting that is not as fast as the new Flash Remoting in ColdFusion 9.

Flash Remoting has been completely revamped in ColdFusion 9. As a result you will now see that the flash remoting is way faster (many times in fact!) than previous versions.

The new Flash Remoting just comes to you with the default installation of ColdFusion 9. BlazeDS is integrated and shipped with the default installation of ColdFusion 9. Also there are quite a few changes that have happened to xml files under the WEB-INF/flex directory that influence flash remoting.

Although no code needs to be changed to make use of this fast Flash Remoting in ColdFusion 9, it is important to understand these changes to the xml in case you want to migrate your old destinations or channels to leverage the high speed flash remoting in ColdFusion 9. I will be at MAX in LA and will be talking about this Improved Flash Remoting and the AIR Integration in ColdFusion. My session is titled “Improved Flash Remoting and AIR Integration in ColdFusion 9” on the 7th of October at 5 pm. Make sure you are there to know more about the new Flash Remoting or the AIR Integration.

I will come up with one more post shortly to describe the changes to the xml files.

I am sure most of you already know this. Here are the links for the public beta of ColdFusion 9 and ColdFusion Builder.

ColdFusion 9 : http://labs.adobe.com/technologies/coldfusion9/

ColdFusion Builder : http://labs.adobe.com/technologies/coldfusionbuilder/

Please read this post by the Adobe Product Security Incident Response Team regarding a security issue caused by the FCKEditor included with ColdFusion 8.

CFC serialization is a feature that came out in ColdFusion 8. With this feature it is now possible to serialize a cfc, i.e. it is possible to write an instance of a cfc to an outputstream. In simple words, it is possible to write cfc instances to a file and read them back. CFCs stored in the session now get replicated across the servers in the cluster as well because of CFC Serialization.

But there were issues with what came out in ColdFusion 8. If the CFC had an array or a query or a data object or a java object, CFC serialization used to fail. The issue is now fixed!

Here’s the technote for the fix : http://kb2.adobe.com/cps/496/cpsid_49620.html

I can now take a deep breath and relax for a while because there were a lot of people on my blog waiting for this fix. Here’s the hotfix.

Excited to know more about Centaur, the next major release of ColdFusion?

I am sure most of you are waiting to know more about Centaur at MAX.

Here’s an update on the session titled ColdFusion Powered AIR

Well, this talk is not just going to be about using ColdFusion as a backend for AIR applications. What will also be presented to you are the exciting features that are coming up in Centaur to build AIR applications!!

 What’s Centaur got to do with AIR?

Centaur will have some nice features centered around AIR Integration with ColdFusion.

What is it going to be?

One of the features in Centaur will ease building offline applications in AIR.

Tell me more more more…

To know more sign up for the ColdFusion Powered AIR session today!!

Session info: Learn how to build Adobe AIR clients for use with your ColdFusion applications, leveraging offline data support and more. AIR is the powerful new runtime for portable desktop applications. Applications built for AIR are created using Flash, Flex, and other web technologies, making ColdFusion the ideal tool for building back ends.

What the session info does not have yet is that the session will also include Centaur related features.

When: Tuesday, November 18, 3:00pm – 4:00 pm

See you there! :)   

A lot of visitors to my blog wanted to know how to configure upload directories per user or per instance of the rich text editor. Unfortunately, the basepath attribute is the way out where you could set different configurations for each instance. Bob Hendren posted a comment that points to a useful link on one of my previous posts. The link shows how you could set the upload directories per individual user and how to set other configurations such as additional file types.

Here’s the link.

[Update] : Hotfix for Security issue with FCKeditor – Please refer to this post

I had a couple of posts on how to get the File upload and Spell checker working on the Rich Text Editor control in ColdFusion Ajax. The good news now is that, with ColdFusion 8.0.1 most of that is taken care of and there is hardly anything to be done from your end to get both of those working. I always wanted to post about this. But since the ColdFusion docs talked about these changes to the Rich Text Editor, I kind of refrained from a post. I see interest from a lot of folks to get these functionalities working on the Rich Text Editor. So I believe this post still makes sense.

ColdFusion 8.0.1 has FCKeditor 2.5 as its underlying Rich Text Editor. This version has a lot of enhancements, including Safari support.

For the File upload functionality on the Rich Text editor, it is just about setting a few parameters in /CFIDE/scripts/Ajax/FCKeditor/fckconfig.js to true. The Image Button, Link, Unlink, Image and Flash icons are now a part of the default toolbar. To enable specific kinds of uploads, set the following properties in fckconfig.js to true.

FCKConfig.LinkBrowser = true;
FCKConfig.ImageBrowser = true;
FCKConfig.FlashBrowser = true;
FCKConfig.LinkUpload = true;
FCKConfig.ImageUpload = true;
FCKConfig.FlashUpload = true;

The spell checker however still involves installing the third party aspell library. The detailed instructions to get this working can be found in the 8.0.1 release notes document. Do take a look at it if you are interested in getting the spell checker working. The document also has information about the file upload which I have discussed in this post.