displaying top 100 results
Josh Kutz If you want a quick loading docs site try:
https://cfdocs.org/
By Pete Freitag and community.
Not sure if it has CF2018 syntax updates yet.
Tracker Comment Comment on Function SerializeJSON() converts employee's last name ("No") to boolean false in JSON output by External U.
2613240 CF-3337394 External U. As mentioned by Pete Freitag the bug still exists in CF10U16 is serializing a struct outside a CFC
5361900 CF-4204021 T. O. To fix urgently by Adobe team (please). And tnx to Pete Freitag.
Tracker Issue Bug 78060:(Watson Migration Closure)There is no mask (undocumented?) in the TimeFormat function for timezone
2600502 CF-3038959 Language Pete Freitag Bug 78060:(Watson Migration Closure)There is no mask (undocumented?) in the TimeFormat function for timezone Problem:
There is no mask (undocumented?) in the TimeFormat function for timezone. When you use the mask "long" the time zone is outputted. I think
Tracker Issue Bug 75693:(Watson Migration Closure)There is no version of cfencode that runs on Mac in the bin directory
2601694 CF-3037687 General Server Pete Freitag Bug 75693:(Watson Migration Closure)There is no version of cfencode that runs on Mac in the bin directory Problem:
There is no version of cfencode that runs on Mac in the bin directory. There is one for solaris, linux, and windows, mac is missing
Tracker Issue CFAdmin Server Update Gray Spacing Issue
attached screenshot.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3738195
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer Email:
External Test Config: My Hardware and Environment details: Found
", these path references should be dynamic so you can properly lock down /CFIDE without breaking functionality.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3722462
External Customer Info:
External Company:
External Customer Name: pete_freitag
2601393 CF-3038010 Security : General Pete Freitag Bug 76211:A Attribute httponly is needed for the CFCOOKIE tag Problem:
A Attribute httponly is needed for the CFCOOKIE tag. This is a security feature that makes the cookie inaccessible from JavaScript to mitigate XSS attacks. More info here: http
Portal Topic ColdFusion Fiddle project – CFFiddle
Rakshith Naresh ColdFusion Fiddle project – CFFiddle The CFSummit East conference we announced the availability of ColdFusion Fiddle, available at https://cffiddle.org/ We realize that many of you were waiting to get access to this from the time we announced. A huge thanks to Pete Freitag from
Portal Topic Online ColdFusion Meetup Meeting Coming Up
Grae Desmond Online ColdFusion Meetup Meeting Coming Up Just got notification of a new Coldfusion Meetup meeting coming up December 14th at noon eastern. The topic is “Protect your CFML Apps with FuseGuard 3” and given by Pete Freitag. More details can be found here
George Pickin 3 ways to test your ColdFusion API – Presented at CF Summit 2017 CF Summit 2017 was a lot of fun, lots of new faces, and good to meet friends, old and new alike. I really enjoyed the ColdBox 2 day training, RESTFul Training Bootcamp. I also enjoyed, Pete Freitag’s Hands On CFML
Portal Topic Server Auto-Lockdown
Guide prepared by Pete Freitag for helping server administrators to secure ColdFusion Installations. The installer guides the users to change some permissions in their system to secure their ColdFusion installation. A few settings that need to be changed are: Set some OS level file system […]
The post
Fusion Security Workshop (Trainer : Pete Freitag) and Going from Zero to 60 with Docker and ColdFusion images (Trainer : Charlie Arehart). Register Now at https://cfsummit.adobeevents.com/preconference/. Both of the workshops are full day BYOD (bring-your-own-device) hands-on labs and will be a great learning
discuss the relaunch of the Online ColdFusion Meetup and the next presenter is Pete Freitag.
And much much more...
The post Modernize or Die® Podcast – CFML News Edition – Recorded October 22nd, 2019 appeared first on ColdFusion. Announcements,Blog,CF Alive Podcast,announcements,blog,cf alive podcast,CFML,podcast
Benjamin Reid I am not saying anyone running cf2018 would encounter this issue.I am experiencing it though.I really just wanted some help to figure out my issue.I have applied a lockdown, in accordance with the official 2018 lockdown guide from Pete Freitag, although I am not expecting
Portal Comment Comment on RIAForge decommissioning by Rakshith Naresh
Rakshith Naresh Thanks to folks who have posted various suggestions on the way forward. Unfortunately, transferring the ownership of RIAForge to some other entity/person other than Adobe is not an option here. In fact, this is the first thing we checked. I had even reached out to Pete Freitag
-----------------------------
Watson Bug ID: 3739003
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer Email:
them to be there on a production server
Any Workarounds: You can remove them, but most people don't.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3737264
External Customer Info:
External Company:
External Customer Name: pete_freitag
External
Tracker Issue Error in init script when created using cf-init.sh
.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3719102
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer Email:
External Test Config: My Hardware and Environment details:
CentOS 6.5 64 Bit
: pete_freitag
External Customer Email:
External Test Config: My Hardware and Environment details:
CentOS 6.5 x86-64
Tracker Issue ColdFusion AMI's default to 512MB max heap
-----------------------------
Watson Bug ID: 3535998
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer Email:
External Test Config: My Hardware and Environment details: I found this on the Large Linux instance.
Tracker Issue Unable to specify Cookie Timeout of -1 in Administrator
-runtime.xml manually and it works
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3326488
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer Email:
External Test Config: My Hardware and Environment details: RHEL 6.3
can modify the script as I blogged about here: http://www.petefreitag.com/item/810.cfm
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3325996
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer
Portal Topic Adobe ColdFusion Conferences (Comprehensive list)
ColdFusion Webinars 2020 ColdFusion for the Next Decade — All about the Buzzworthy ColdFusion 2020 (Webinar by Adobe) Adobe ColdFusion Developer Week 2020. ColdFusion Webinars 2019 Continuous Security for your CFML code with Fixinator Webinar with Pete Freitag Clean up your legacy code […]
The post
Tracker Issue Add Detailed JSON file to report export
could compare the reports or log progress.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4130057
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test
Tracker Issue Ubuntu Not supported in cf-init.run.sh
on Ubuntu
Actual Result: Does not start CF automatically
Expected Result: Starts CF automatically.
Any Workarounds:
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3781603
External Customer Info:
External Company:
External Customer Name: pete_freitag
Tracker Issue Hard Coded References to /CFIDE/scripts
-----------------------------
Watson Bug ID: 3737272
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer Email:
External Test Config: My Hardware and Environment details:
:
External Company:
External Customer Name: pete_freitag
External Customer Email:
External Test Config: My Hardware and Environment details: ColdFusion 10 Update 7 on Linux
Tracker Issue MySQL 5.6 Unable to Execute Queries
the MySQL JDBC driver instead, but I haven't tested this.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3506758
Keywords:
FixTested
External Customer Info:
External Company:
External Customer Name: pete_freitag
External Customer Email:
BSafe CryptoJ Library included in ColdFusion enterprise and ColdFusion developer edition that prevents it from working with certain SSL Certificates. Specifically it seems to be a problem with the Diffie-Hellman Key Agreement(KeyAgreement.DiffieHellman) (credit: Pete Freitag)This is reproducible
Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue SQLi allowed inside any cfif
flagged
Expected Result: SQLi Flag
Any Workarounds: nope
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126656
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE
Tracker Issue Uninstall does not remove cf_scripts folder from wwwroot
Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue Enable/Disable Servlets Installer UI is confusing
Workarounds:
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126455
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Details -----------------------------
Watson Bug ID: 4126454
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue Jetty folder includes unused JRE 162mb
:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
like RDSServlet)
Any Workarounds: Comment it out manually.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126450
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE
Tracker Issue FCKeditor version is out of date
.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126448
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue Duplicate cfajax.js in /cf_scripts
/a
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126445
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Verified
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue No Linux Startup script for API Manager
Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue Terminology: XSS Attack
Details -----------------------------
Watson Bug ID: 4126395
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Portal Comment Comment on The Delicate Balancing Act between the number of ColdFusion Jobs and the number of ColdFusion Developers by Charlie Arehart
Charlie Arehart Daniel, there is indeed new development in CFML. I know of it in customers I support, and perhaps CFML development shops (or Adobe) can further confirm.
As for converting CFML tags to script, for those wanting to drive that, there is a useful tool for that from Pete Freitag
Portal Comment Comment on ColdFusion (2018 release) Update 9 and ColdFusion (2016 release) Update 15 released by Charlie Arehart
) that Pete Freitag’s awesome “HackMyCF” tool keeps pointing out that we are missing–but we can’t update Tomcat ourselves. We need Adobe to do it. What’s the holdup? (I am pretty sure there’s an equivalent concern regarding Tomcat 8 on CF2016, but I don’t have ready access to the version number he would
Tracker Issue Wish list
over the one in use. Let's get some integration with modern caching libraries.
Documentation improvements - Examples, navigation, ease of use, updatable by the community, integrated with a tool that runs the example code (like cflive or trycf) - See what Pete Freitag has done at cfdocs.org. It's so
Portal Comment Comment on Input validation to avoid XSS by Charlie Arehart
="nofollow">http://www.learncfinaweek.com/week1/cross_site_scripting__xss_/
https://www.adobe.com/devnet/coldfusion/articles/security-improvements-cf11.html
pete-freitag/coldfusion-2016
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126661
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Bug File Paths:
\\sjshare
2673388 CF-4126659 Security Analyzer Peter Freitag Security Analyzer XSS Warning on XmlFormat HTMLEditFormat Duplicate ID: CF-4026103
Problem Description: If I set url.id = Int(url.id) and then output XmlFormat(url.id) HTMLEditFormat(url.id) and simply #url.id# -- no warning is triggered for #url
applications.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126451
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue Linux Installer points to cf11 lockdown guide
: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue The s.gif fails to load when using non default scriptsrc
Fusion Administrator.
Any Workarounds: None.
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4126420
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Tracker Issue Security Analyzer False Positive on #DateFormat(now())# and certain other built-in functions.
2673556 CF-4126413 Security Analyzer Peter Freitag Security Analyzer False Positive on #DateFormat(now())# and certain other built-in functions. Problem Description: Treats #DateFormat(now())# as SQL injection in a query, though it is safe.
Steps to Reproduce: Create a file with the following
Tracker Issue Security Analyzer says encoded files have syntax errors
2673571 CF-4126394 Security Analyzer Peter Freitag Security Analyzer says encoded files have syntax errors Related Bugs:
4131907 - Similar to ColdFusion Builder
4131907 - Similar to ColdFusion Builder
Problem Description: If there are files encoded with cfencode it says they were not scanned due
Tracker Issue Security Analyzer Reports hardcode image paths
:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
Result: Expect it to produce a result.
Any Workarounds: None
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 4130055
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE
Vincent Krist I am unable to install Update 8 on our CF 2016 server. The server is running CF 2016 Update 7 on Windows Server 2008 R2. Coldfusion 2016 was originally installed using Pete Freitag's lockdown guide and we have never had any problems installing the previous updates. The Coldfusion
Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:
2673550 CF-4126420 CFwatson U. Added By: PreRelease User User Name:Peter Freitag Note Added: Tested this on a Mac using the Feb7 build and it seams to be working now. I don't think I will have a chance to retest on Linux right now, but I would assume it was not a platform specific issue. Date Added
the sub-components to install."
Thanks!,
-Aaron Date Added :2016-01-21 00:52:14.0
Added By: PreRelease User User Name:David Epler Note Added: The wording has always been confusing to me. Agree with Pete in changing the instruction to make it clear as to what checking or unchecking actually does
Tracker Issue Using Redis for Session Management Fails
External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config: