Please use threads @gsr

CommandBox question - On my local dev PC I'm currently running ACF2018 / IIS and creating hosts entries for the local sites I work on. I wanted to try out CommandBox and ACF2021 and I'm watching Brad Wood's video on configuring ACF+CommandBox to use AJP to connect to my IIS. My question is - is doing this going to break my currently running fine ACF2018 / IIS local install? I'm looking at the video at "setup Boncode connector" using ALL IIS sites or "let me choose". If I go with "let me choose" will it allow me to just pick my one test site setup by CommandBox and leave my other sites setup by ACF2018 alone?

Ever had one of those days where you have tried to do one thing, all day, and failed so much that you don't even know what you have tried and failed with any more? (and I know it is simple) I am trying to use the Amazon Pay Java jar, instantiating the object in CF, and I can't even find the methods - even though I can see them right on the screen in the cfdump! Doesn't help much that the only java I have ever used was in the core of Java either.. Message: com.amazon.pay.api.WebstoreClient.<init>() Type: java.lang.NoSuchMethodException Detail: An exception occurred while instantiating a Java object. The class must not be an interface or an abstract class. If the class has a constructor that accepts an argument, you must call the constructor explicitly using the init(args) method. Error : com.amazon.pay.api.WebstoreClient or AmazonPayClient <cfset wsClient=createObject('java', 'com.amazon.pay.api.WebstoreClient')> <cfset butSig=wsClient.generateButtonSignature(initVars)> <cfset apClient=createObject('java', 'com.amazon.pay.api.AmazonPayClient')> <cfset butSig=apClient.generateButtonSignature(initVars)>

This one has been driving me crazy and I've posted a couple places about it, but not here. I'm 99% sure this is not a CF problem per se, but something with isapi_redirect, IIS, Tomcat and maybe web.config. Windows 2016 server, IIS 10 and Adobe ColdFusion 2018 using Tomcat. The server has about 8 sites on it and one site is getting intermittent 500 errors. All other sites remain up and responsive. Failed Request Tracing shows "Filter Error - Incorrect Function 0x1" The site will come back up if you recycle the app pool for that site, or restart that site in IIS. I have the app pool set to recycle every 10 minutes for now to minimize downtime (which is now at about 4-6 times per day - could be mid day when presumed traffic is heaver than middle of the night - it doesn't seem to matter). In March it was doing it frequently (once per day or more) and we recreated the site - new web root, new IIS config etc. same thing. I then noticed that the uptime on the server was several weeks, where normally it should reboot on every Sunday night and also pop a notification that updates were installed and a reboot is needed (neither of those happy anymore). Did the reboot and the site was fine - until 6/22. Then the 500s started again. I've scoured every log and there is no single event, template, or URL that I can see that causes it. Charlie has spent a bit of time working with us on this but we're still experiencing the errors. One thing I had done back in March was strip the web.config of the redirects - other than http to https - not sure if it was that or the reboot that gave us a few months respite. Tomorrow in desperation I'll clone the site into a new directory, create a new IIS site and run wsconfig on it to see if that helps. Every time I now Google for this error I'm only getting my posts about it so for some reason I seem to be complete alone in this quagmire!

I have been working on a cfc for amazon pay that leverages their published java package and hit a snag. It is probably because I don't work with java packages very often and am likely hitting something to do with inheritance or something else I haven't learned. Hoping one of y'all can give me some pointers. This is the link to Stack Exchange. Unfortunately I have not found anything CF related that uses Amazon's new API, only legacy stuff and it is not helping much. I REALLY do not want to roll my own CF only solution either, I want to leverage their package. https://stackoverflow.com/questions/72892289/amazon-pay-checkout-java-v2-in-coldfusion-cfc-method-not-found

Does anyone understand why the code analyzer in CF Admin never lets you analyze according to the current version of CF that's running? I'm on a new 2021 server, it only lets me go up to 2018, but what I really want to know is if the code is fully compatible with THIS version, CF 2021.

301 Redirect Issue Hi all, I am having someone have a 301 redirect issue when they are installing my Galaxie Blog software. I use a cfinclude in my application.cfc if the blog is not installed to include the installer template in another directory. However, when the template is included, it loads, but a 301 redirect occurs to the same page. I don't have any 301 headers in the code, what could be causing a 301 redirect here? I am assuming that it must be something else on the individual's server. Could a simple cfinclude automatically create a 301 redirect somehow on my end? I have never seen this issue before.

The Hawaii ColdFusion developers Group is looking for a speaker to talk about OOP & ColdFusion. Please get a hold of me if you could give a talk.

Hi, is anyone using CF to interact with S3 without passing in credentials ? My issue is i'm trying to do just that but CF appears to send "null" in the request for the API key and that's failing the call. I dont need to send in credentials thanks to the way I've set things up. I can call S3 using command line aws without any issue, its just CF (on the same EC2 instance) thats having issues.

So have a modal/dialog box that I am doing an upload of a file, and then the file is compared to database data and a new Excel file is generated. This is all done in a component, however when I use cfheader/content to try to download the new excel file, it just does not seem to work in the component...I figured I can do this in a cfc function and not just in a .cfm file, but for some reason it is not working....any thoughts on using a cfc function to download a newly created excel file? thanks

2 new CF 2021 servers in the process of being set up, I'm seeing multiple instances this pair or errors in the logs for both of them when CF stops:

Jul 11, 2022 10:50:48 AM org.apache.catalina.loader.WebappClassLoaderBase checkThreadLocalMapForLeaks
SEVERE: The web application [ROOT] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@7ae4d864]) and a value of type [org.apache.xerces.jaxp.SAXParserFactoryImpl] (value [org.apache.xerces.jaxp.SAXParserFactoryImpl@3aff0ba0]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.
Jul 11, 2022 10:50:48 AM org.apache.catalina.loader.WebappClassLoaderBase checkThreadLocalMapForLeaks
SEVERE: The web application [ROOT] created a ThreadLocal with key of type [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@e6be670]) and a value of type [org.apache.xerces.jaxp.SAXParserImpl] (value [org.apache.xerces.jaxp.SAXParserImpl@73cbdaa7]) but failed to remove it when the web application was stopped. Threads are going to be renewed over time to try and avoid a probable memory leak.

Ring any bells? Can anyone confirm whether they do or don't see this in their CF 2021 coldfusion-error.log?

Another bump in the night for our 2 new CF 2021 servers, seeing this in the logs for both of them on server startup:

SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in [jar:file:/E:/ColdFusion2021/cfusion/lib/log4j-slf4j-impl-2.17.2.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in [jar:file:/E:/ColdFusion2021/cfusion/lib/slf4j-log4j12-1.7.12.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See <http://www.slf4j.org/codes.html#multiple_bindings> for an explanation.
SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory]

Are we only supposed to have one of those two jars? Which one? I didn't install either of them manually, just did the CF install and all CF and Java updates up to current, plus the QoQ patchy thing I got from Support. Can anyone confirm whether they do or don't see this in their CF 2021 coldfusion-error.log?

Since we've updated to CF 2018 Updater 14, we are getting a lot of java.lang.ArrayIndexOutOfBoundsException errors. Did anyone else experience this? we are trying to get a handle on it. My dev reminded me there was a Q of Q patch out there, but struggling to find it to reapply.....if indeed is the issue.

Secure Cookies question. Am I right that if the cert on the site isn't trusted, because it's a dev site that uses a wildcard cert from another domain of ours, then cookies will show in the chrome dev console as not secure, and not http only? Not secure I expected due to the cert, but I thought http only would still be honored. The box is checked in cf admin.

In looking at cffile using upload I see this for the allowed allowedExtensions "A comma-separated list of file extensions, which will be allowed for upload. For example, .png, .jpg, or, .jpeg. You can use "*" (star) to allow all files, except where you specify the MIME type in the accept attribute. Values specified in the attribute allowedExtensions override the list of blocked extensions in the server or application settings." I just want to make sure I'm not crazy and that it wont let me shortcut it to images/* to allow all images? Am I correct in this assumption? Any work arounds for that or am I just gonna list all image types

IIS connector question: What's the actual difference between Add-ing individual sites, Add All-individually, and Add All? The reason I'm thinking about this right now is that I couldn't get one of two sites on one of two new servers to handle cfml, just gave a 503 service unavailable, html was fine. A coworker said he always did Add All, which did work, so now I'm trying to understand this process in a little more detail.

not sure what happened but the CFML tab was removed from curlconverter.com. I assume maybe the developer took it off because they thought it wasn’t being used much, voice your opinion here to let him know we want to use it https://github.com/curlconverter/curlconverter/issues/416

This should spice up a boring Wednesday 🙂 https://twitter.com/bdw429s/status/1547335166984687617

The CF 2018 production server for one of our big apps sometimes starts throwing template not found errors, always missing the same one, when nothing has changed. The template is used by a ton of pages, and it definitely exists. Clearing the template cache fixes the problem, until it comes back some weeks later. Has anyone else seen this? Any ideas for a fix?

JVM tunning: Should I remove the Metaspace setting. It is currently set to 192MB, which I think is default. In my application.log I see this:

"Error","ajp-nio-127.0.0.1-8014-exec-111","07/15/22","13:35:38","2A6C741F4FCF2B85354682B4B3F82EB2","Metaspace The specific sequence of files included or processed is: E:\api\index.cfm"

I may be taking over the responsibility for the CF servers for our agency. They are pure Adobe 2018 servers (not Lucee). While I have ‘poked’ around the Admin, I wouldn’t call myself a seasoned expert. Apart from the Adobe documents, are there any quality resources I could leverage to learn CF Server Administration as fast as possible?

Hi, I am trying to import the DSN settings to a new server from 2018 to 2021, i can build a CAR for it but the issue is, we are planning to change the password for all existing DSN and push to the new server, is there any other way of doing the same thing, like programmatically

cf + sql server (version agnostic): i'm wondering about doing multiple queries that all rely on a 'session-specific' flag, that is a sql server session-specific flag (setting identity_insert on/off which is only valid for a single sql server session). if i have multiple, separate cfqueries on a test page and each just does

SELECT @@spid AS theSpid

i get the same value from those multiple queries, but i'm concerned that that's just a reflection of connection pooling, rather than some kind of symmetry between a single cf request and single sql server session. does anyone know if that's true? if i were to wrap all the queries in a cftransaction would that truly 'bind' them all together into a single 'session' from sql server's standpoint? it just feels like there's nothing preventing cf from opening another connection (and therefore a new @@spid) if it needs to during the lifecycle of the request. i don't want to presume that all cfqueries in a given request actually belong to the same sql session if it's even a little bit inconsistent

A recent pentest generated some 500 errors like this:

javax.servlet.ServletException: ROOT CAUSE: 
java.lang.IllegalArgumentException: err.io.short_read
    at coldfusion.filter.FormScope.parsePostData(FormScope.java:326)
    at coldfusion.filter.FormScope.fillForm(FormScope.java:296)
    at coldfusion.filter.FusionContext.SymTab_initForRequest(FusionContext.java:408)
etc...

Does anyone know anything about avoiding that? Clearly this isn't normal traffic, the pentesters are actively trying to blow things up and poke holes, but ideally they don't succeed.

anyone here actually using an event gateway in lucee (5.3.9.141) and it works? i've used them in ACF before and it was easy, but lucee does not seem to ever use my cfc (i am not using a custom listener)

I'm trying to create an app that opens up Microsoft Powerpoint Presentation Files. (In Presentation Mode) The files will be opened from a full-screen gui that acts as an agenda. If you were embarking on this journey. 1. Do you see any way to accomplish this with CFML 2. What would you recommend looking into as programming languages? I don't know yet how to best interfacer with Powerpoint. It seems to accept command line parameters to open documents, but I'm trying to figure out where to start.

i have a question, as we are migrating the code to 2021, the date which DD has issues in cfml, can we do something like a custom udf or any javacode in application.cfm or cfc which will take care of the date everywhere as we have tons of file which might need a change and some are really complicated

a simple fnr will not work

Do I understand correctly that the most recent Java release on the ColdFusion downloads page, 11.0.16, is recommended for both CF 2018 and CF 2021?