displaying top 100 results
Tracker Comment Comment on Official Adobe ColdFusion Docker Images by David R.
Comment on Official Adobe ColdFusion Docker Images by David R.
Tracker Comment Comment on spreadsheetRead/write functionality damages spreadsheet formatting by David R.
Comment on spreadsheetRead/write functionality damages spreadsheet formatting by David R.
Tracker Comment Comment on spreadsheetRead/write functionality damages spreadsheet formatting by David R.
Comment on spreadsheetRead/write functionality damages spreadsheet formatting by David R.
Tracker Comment Comment on CF2018 update page, scroll bar is missing in the update description. by David R.
Comment on CF2018 update page, scroll bar is missing in the update description. by David R.
Tracker Comment Comment on spreadsheetFormat* font-related style properties will not accept boolean literals by David R.
Comment on spreadsheetFormat* font-related style properties will not accept boolean literals by David R.
Tracker Comment Comment on Installation Splash Screen Displays Adobe ColdFusion Builder 2016 instead of 2016 by David R.
Comment on Installation Splash Screen Displays Adobe ColdFusion Builder 2016 instead of 2016 by David R.
Tracker Comment Comment on spreadsheetFormat* font-related style properties will not accept boolean literals by David R.
Comment on spreadsheetFormat* font-related style properties will not accept boolean literals by David R.
Tracker Comment Comment on CF2018 update page, scroll bar is missing in the update description. by David R.
Comment on CF2018 update page, scroll bar is missing in the update description. by David R.
Tracker Comment Comment on Installation Splash Screen Displays Adobe ColdFusion Builder 2016 instead of 2016 by David R.
Comment on Installation Splash Screen Displays Adobe ColdFusion Builder 2016 instead of 2016 by David R.
Tracker Comment Comment on CF2018 : property named "name" in mappedsuperclass entity generate an error on second request by David R.
Comment on CF2018 : property named "name" in mappedsuperclass entity generate an error on second request by David R.
Tracker Comment Comment on CF2018 update page, scroll bar is missing in the update description. by Charlie A.
6254346 CF-4205243 Charlie A. David R states in a "vote comment" here that "this remains an issue". Are you on update 7, David? That's what fixed this.
Tracker Issue Bug 74751:Hi,
2602181 CF-3037141 General Server David Dharmaraj R Bug 74751:Hi, Duplicate ID: CF-3037140
Problem:
Hi,
Would it possible to provide us a (Flex / AIR) GUI clientfor accessing the built-in Apache Derby database.
Thanks,
David R
Method:
Result:
----------------------------- Additional Watson
Tracker Issue Bug 74749:(Watson Migration Closure)Hi,
2602182 CF-3037140 General Server David Dharmaraj R Bug 74749:(Watson Migration Closure)Hi, Problem:
Hi,
Would it possible to provide us a (Flex / AIR) GUI clientfor accessing the built-in Apache Derby database.
Thanks,
David R
Method:
Result:
----------------------------- Additional Watson
Tracker Issue Bug 75027:The structure creation accept reserved keywords as their keys, which they shouldn't be
2602050 CF-3037286 Language : Datastructure David Dharmaraj R Bug 75027:The structure creation accept reserved keywords as their keys, which they shouldn't be Problem:
The structure creation accept reserved keywords as their keys, which they shouldn't be.
I tried this, (I've used the "AND
Tracker Issue Bug 79002:"The cfform skin name bluegray not found
2600084 CF-3039405 CFForm : Standard XML David R Bug 79002:"The cfform skin name bluegray not found Problem:
"The cfform skin name bluegray not found. " is what the error message I am getting. But the documentation says that we can specify "bluegray" as a skin.{some_other_code}
Method
Tracker Issue Bug 75399:(Watson Migration Closure)The newly introduced query() function doesn't allow us building Query of queries
2601864 CF-3037496 Database : CFQuery David Dharmaraj R Bug 75399:(Watson Migration Closure)The newly introduced query() function doesn't allow us building Query of queries Problem:
The newly introduced query() function doesn't allow us building Query of queries.
Please add this feature..
Thanks
2602238 CF-3037078 Documentation : Examples David Dharmaraj R Bug 74363:The example provided with the "CentaurAlpha2FeaturesGuide Problem:
The example provided with the "CentaurAlpha2FeaturesGuide.pdf" (turn to page 29) titled "Using the Image class" lacks an namespace,
"xmlns
2597885 CF-3042138 Administrator : Administrator Console David R Bug 84111:Hi, When ever I tried to access the "Settings" menu which is available under the "Server Settings" tab in CF Administrator I am receiving a strange error stating "Variable ENABLEIMPLICITUDFREGISTRATI Problem:
Hi, When ever
Tracker Issue Nulls go to undefined when getQueryRow() is used
3531633 CF-4199809 Language : Null Support David Mitchell Nulls go to undefined when getQueryRow() is used Problem Description:
When getting a row from a query via getQueryRow(), column values become 'undefined'. The keys are present in the struct but attempting to get the value results
Tracker Issue Security Analyzer - Should be POST only
2673362 CF-4126694 Security Analyzer David Epler Security Analyzer - Should be POST only The security analyzer sends data via GET and should be POST.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126694
External Customer Info:
External
KURGU PRISCILLA NEDD FRIENDLY , A.C.E . YAPIM G?R?NT? TASARIMI NELSON COATES Y?NETMEN? OLIVER STAPLETON , BSC SRUMLU ALEX KURTZMAN VE ROBERTO ORCI MARY MCLAGLEN YAPIMCILAR YAPIMCILAR DAVID HOBERMAN TODD LIEBERMAN SENARYO PETER CHIARELLI SE?KiN SiNEMALARDA S E ? K i N S i N E M A L A R D A SE?KiN Si
Tracker Issue "Download and Install" fails when installing on Update 1
-----------------------------
Watson Bug ID: 4152217
External Customer Info:
External Company:
External Customer Name: David Belanger
External Customer Email:
External Test Config: My Hardware and Environment details:
CF2016, no HF, W2012R2 64bit
2608227 CF-4160212 Security David Mitchell Coldfusion 11 ships with outdated version of Antisamy library Related Bugs:
CF-4160218 - Similar to
Problem Description:
The version of Antisamy which ships with CF11 is 1.4.4. This version was released in early 2011 (see: http
Tracker Issue [ANeff] Bug for: cached query breaks serializeJSON()
Dump(serializeJSON(q));
Actual serializeJSON(q) result: {"COLUMNS":[],"DATA":[[]]}
Expected serializeJSON(q) result: {"COLUMNS":["ARTID","ARTISTID","ARTNAME","DESCRIPTION","PRICE","LARGEIMAGE","MEDIAID","ISSOLD"],"DATA":[[1,1,"charles1","Pastels/Charcoal",10000,"aiden01.jpg",1,1]]}
Thanks to David for coming across this
Tracker Issue Security Analyzer - Cookies in cfscript
2673361 CF-4126696 Security Analyzer David Epler Security Analyzer - Cookies in cfscript The security analyzer does not match stated rules for identifying issues with cookies when they are created with script.
----------------------------- Additional Watson Details
Tracker Issue Security Analyzer - Secure with Credentials
2673363 CF-4126693 Security Analyzer David Epler Security Analyzer - Secure with Credentials While the documentation says the security analyzer is "available only in development server, it is not available in the production server". There are still a potential for ColdFusion to be installed
Tracker Issue Security Analyzer - CGI scope is not "Safe"
2673376 CF-4126678 Security Analyzer David Epler Security Analyzer - CGI scope is not "Safe" When running the security analyzer across attached code it should flag the use of CGI.HTTP_USER_AGENT in line 1 as XSS and line 4 as SQLi.
There are numerous items populated into CGI scope that come
2673379 CF-4126670 Security Analyzer David Epler Security Analyzer - Does not flag incorrect EncodeFor Contexts The security analyzer seems to only be checking for EncodeForHTML regardless of the context of where the variable is used. This is incorrect. If the variable is being used in an HTML
2673380 CF-4126669 Security Analyzer David Epler Security Analyzer - Better information for HTMLEditFormat Prior to ColdFusion 10, the only way to escape/encode for XSS was mostly through the use of HTMLEditFormat. This function was deprecated when in ColdFusion 10 the ESAPI EncodeFor* functions
Tracker Issue Security Analyzer - CSRF Attack detection does not work
2673381 CF-4126667 Security Analyzer David Epler Security Analyzer - CSRF Attack detection does not work Related Bugs:
CF-4080920 - Similar to
The CSRF Attack detection for the security analyzer does not work according to the documentation.
Attached code samples have the correct usage
Tracker Issue Security Analyzer - addtoken and Secure Profile
2673382 CF-4126665 Security Analyzer David Epler Security Analyzer - addtoken and Secure Profile The behavior for addtoken in changes if Secure Profile is enabled or not. As the security analyzer is currently implemented it has no knowledge if the code will be deployed to a server with Secure
Tracker Issue Security Analyzer - Fails to identify passwords in Script Functions Implemented as CFCs
2673384 CF-4126663 Security Analyzer David Epler Security Analyzer - Fails to identify passwords in Script Functions Implemented as CFCs The security analyzer fails to identify hardcoded passwords in script functions implemented as CFCs that were introduced by Adobe in ColdFusion 9.
http
Tracker Issue Security Analyzer - Need top honor more cfparam types
2673385 CF-4126662 Security Analyzer David Epler Security Analyzer - Need top honor more cfparam types Currently the security analyzer seems to only check for . There are additional types that have specific format which will block invalid/dangerous input.
The other types that should be allowed are
2673390 CF-4126655 Security Analyzer David Epler Security Analyzer - Fails to detect variables in struct notation The security analyzer can not detect XSS or SQLi when variables are changed from from scope.variablename to scope["variablename"]
----------------------------- Additional Watson
2673391 CF-4126654 Security Analyzer David Epler Security Analyzer - Does not detect missing method on The security analyzer does not detect the missing method on html . W3C specification states that if it is not there it defaults to get.
----------------------------- Additional Watson Details
Tracker Issue Security Analyzer - Fails to detect XSS when variable goes through duplicate(), structAppend(), or structCopy()
2673392 CF-4126652 Security Analyzer David Epler Security Analyzer - Fails to detect XSS when variable goes through duplicate(), structAppend(), or structCopy() The security analyzer does not detect XSS when an unsafe variable is processed through duplicate, structappend, or structcopy
Tracker Issue Security Analyzer - Incorrect SQLi
2673360 CF-4126698 Security Analyzer David Epler Security Analyzer - Incorrect SQLi The security analyzer incorrectly identifies attached code as having a SQLi where the variable is completely controlled through the code
Security Analyzer should understand the context of variables
2599869 CF-3039634 Database : CFQuery David McGuigan Bug 79382:When you have a cfquery that within its body calls any cffunction that itself runs a cfquery, the containing cfquery will use the function’s query’s datasource and ignore the one passed to it as an at Problem:
When you have a cfquery
Tracker Issue Problem with CF11 and HTTP
2609807 CF-3763348 Net Protocols : HTTP David Byers Problem with CF11 and HTTP I've run into a problem (I think) with http in ColdFusion 11 and I'm wondering if this is a known issue. I'm doing a pretty straightforward HTTP call to the Google Places API in order to retrieve a JSON packet