After seeing the discussion @Adam Cameron iniciated about deprecation, it reminded me about isDefined() deprecation. Of course, I always use structKeyExists() everywhere. But the session scope doesn't seem to exist all the time. That"s when I help myself with isDefined(). How do I check if a scope exists without isDefined()? Is there a scopeExists() or similar?

getApplicationMetadata()

@Andreas If you look in the Coldbox framework-- we've had to solve this in a cross-engine compatible manner as well.

Thx @websolete but I've seen session scope being created just when a session var is set, e.g. session.userid, despite of session enabled.

Over the years different versions of Lucee and Adobe have worked differently in how to detect if the session scope is enabled.

Going to dig into this

The `getUserSessionIdentifier() method in the controller is where this logic lives now. It looks like on the supported versions of ColdFusion, we are now able to use

var isSessionDefined = getApplicationMetadata().sessionManagement;

for all engines

👍 ⭐

I've seen session scope being created just when a session var is set, e.g. session.userid, despite of session enabled

i think what you're seeing in this case is implicit creation of a struct called 'session', which will go out of scope at the end of the request, not actually 'session scope'. misleading

Yeah, could be creating

variables.session.userid

Tons of thx @websolete & @bdw429s

there are a few rules about when a session is created (to avoids bots etc, needs an onSessionStart or a value assigned to the session), but i could imagine it being useful to make (optionally) the session scope R/O when sessions aren't enabled. also maybe a BIF

isSessionEnabled()

I'm quite interested to know how situations arise where ppl... don't already know if session management is enabled in their own applications or not. And what other situations where one might not know if some other scope might not exist?