This is exactly what I needed. Got that ZIP file and it was installed automatically and correctly by CFWheels. Thank you.

Next question. I am migrating an old Legacy CFWheels 1.4.5 site to 2.3.0. I know I can add encode="attributes" wherever I need to to preserve my Bootstrap code in my clickable links, buttons, etc... Is there a way to set this globally? I have a metric-buttload of these that need to be updated if I can't. Thousands and thousands of fixes required....

There is, I'm on my phone let me look up some code and paste in a second.

In your config/settings.cfm file put something like this: // Text/select/password/file Fields set(functionName="textField,textFieldTag,select,selectTag,passwordField,passwordFieldTag,textArea,textAreaTag,fileFieldTag,fileField", class="form-control", labelClass="control-label", labelPlacement="before", prependToLabel="<div class='form-group'>", prepend="<div class=''>", append="</div></div>", encode="attributes" ); You can add any code you need to and it will be used to augment your use of the form helpers.

Where in the documentation do I find this?

Look at the section “Function Settings” half way down the page. It shows you how you can set defaults for any of the wheels functions.

Perfect. So for my Links I'm just doing this and Instant Results - 10 years of legacy CFWheels code just works 🙂 set(functionname="linkTo", encode="attributes");

Yup, that should do it. Make sure you look at each of the release notes to make sure you don’t have anything else that needs to be done. There were some changes in 2.2 like events/onabort.cfm and findLast() that need to be addressed. May be other stuff along the way but overall it should be pretty easy.

I've been through the upgrade guide already. I've addressed those. The big one is going to be to fix or update all the methods from the old Bootstrap plugin that doesn't seem to exist anymore. Not sure if the old plugin works with 2.x yet. I'll be looking at that tomorrow.

Cheers!

Let me know if you get stuck with that plugin and we can figure something out. By the way, keep the discussion board in mind as well. https://github.com/cfwheels/cfwheels/discussions that way the messages will get archived.

Wheels.InvalidAuthenticityToken

This POSTed request was attempted without a valid authenticity token.

Any way to turn off requiring authenticity token on post? I setup a post route to use a wysiwyg editor's upload url javascript parameter. csrfMetaTags() is in the <head>. It's obviously not getting the token so can I turn off requiring the token on post? I don't see any setting here - https://guides.cfwheels.org/cfwheels-guides/working-with-cfwheels/configuration-and-defaults#csrf-protection-settings

I probably will have to ask the editor makers if there is a way to send the csfr token it along. If it was my own js function it would be easy to send along.

@risto could you call

protectsFromForgery(with = "ignore")

in your controller to make it ignore the check

@Peter Amiri That's a great temp solution. Thanks! Update - It works!

I'll add that to the API guides.

Have a look at the sample app too.. there is a pattern there to disable it in the controller config ()

Nice function I just needed it for one method to handle that Ajax call and ot has the except argument so other functions still covered.

If you still want csrf via Ajax, have a look at htmx

Literally a couple of attributes on your form

It will change your life

@chapmandu thanks for the info. I took a look at htmx and was impressed with it. Funny enough, @Peter Amiri turned me onto it a few weeks ago. My understanding is if you wrote a jquery (or vanilla js) ajax call with regular form serialization the csfr would automatically be included if you use startFormTag(). Have you tried that before? I will test it soon.

Hoping to get some help with runtime route loading. I'm on CFWheels 1.4.5 I sling this in my config/routes.cfm file:

addRoute(
	name="myRoute",
	pattern="myPattern",
	controller="myController",
	action="myAction"
)

If I then reload the app, I can then browse to http://localhost/myPattern/myAction, and it runs. Cool. However if I try to do this on the fly, eg:

addRoute(
	name="myRoute",
	pattern="myPattern",
	controller="myController",
	action="myAction"
)
http method="get" url="<http://localhost/myPattern/myAction>";

Then the request is handled by the

/

route. If I dump out

application.wheels.routes

immediately after the

addRoute

call, I see

myRoute

in the array. Equally, if I dump it out in the

/

route view, then I also see it there. So I'm wondering what the missing piece of the puzzle is that I need to do so that it's actually... used. It's like I've set it up, but I've not loaded it or something?

I'm not quite understanding the difference Adam. Do you mean that calling the route from within the framework using http isn't working?

Disclaimer: I'm in the middle of camping trip so responses may be sporadic...

I'm asking because the CF engine you're using may not be hitting the "rewriter" your web server is using. I've seen this happen in load-balanced environments or reverse proxied test environments where the developer's computer is requesting through the network but CF on the same box as the actual web server and the .htaccess/web.config rules aren't there (especially if you're telling me that you can see your route listed in the array)

CFWheels has a bug in how it handles the application scope, detailed here: https://blog.adamcameron.me/2022/09/cfml-looking-at-how-cfwheels-messes-up.html Am happy to raise an (abbrev`d) issue for it on GitHub if you like. I had a look and couldn't find an existing one. But if I'm off the mark in my assessment, pls lemme know if you like. #triggerWarning I am unkind about the design of CFWheels in that article. Nothing that isn't warranted, IMO, but I know some ppl consider CFWheels like their pet, not some code so... well... there you go. Be judicious in yer clicking.

I had a look at what's entailed in doing a pull req before, and read the CONTRIBUTING.MD file. I was left unsure as to what versions of CF and Lucee need to be supported. Might be worth adding that?