Adam Tuttle

Entries Tagged as ColdFusion

Fix: What Are These Ugly and Useless Error Pages on My Fresh ColdFusion 10 Install?

I recently installed ColdFusion 10 on a new server, and of course I followed the CF10 Lockdown Guide [pdf].

Then I started moving sites onto the newly configured box and testing things out. And I got this lovely piece of work:

(Full disclosure: there are two possibilities, a "missing page" error, as shown above because it's easier to reproduce now for the purposes of the blog article, and a "there was an error" error, which is what I was running into at the time. For all practical purposes there is no difference.)

Viewing the source of this error message, it was clear that it was generated by ColdFusion. The references to files inside /CFIDE/ are a dead give away.

<html>
    <head>
        <InvalidTag http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>404</title>
    <link href="/CFIDE/administrator/templates/assets/style.css" rel="stylesheet"/>
    </head>
    <body>
    <div id="header"></div>
    <div id="spot">
         <image src="/CFIDE/administrator/templates/assets/spot.png" />
        <div id="title">404</div>
    </div>
    <div id="content">
        The page you are trying to access could not be found. Please try again or notify the administrator.
    </div>
    </body>
</html>

And as soon as I saw this I knew instantly why the image didn't work and the page was unstyled. Because the lockdown guide instructs you to remove the /CFIDE/ virtual directory from public-facing sites such as this one. I was curious what it would look like styled, so I briefly added the virtual directory to the site to get a look at it. This was the result:

... marginally better, I suppose. And once I knew that these errors were being served up by ColdFusion, I knew it had to be something I had done as part of the lockdown guide... Except that everything there I was familiar with. Except Secure Profile. Secure Profile is a mysterious setting you can enable during the installer that sets a bunch of settings to more secure default values.

Unfortunately, there's no quick "undo secure profile" toggle, to see if it is causing any problems for you. It just twiddles some knobs. You're capable of twiddling them too, but can't just flip them all like a light switch.

Right, so my hunch is that Secure Profile is causing these error pages. How do I turn them off? I puzzled about this for a few minutes, and eventually decided to read every setting it changes, hoping to find the culprit there. And as luck would have it, I found it pretty close to the top. Items #5 and #6 are Custom missing template error, and Custom site-wide error template. And, as much as I like to harp on Adobe for doing a poor job writing documentation, this page very nicely describes where to find the settings in question ("Server Settings > Settings"). So pop open the CF Administrator and find these settings down near the bottom of the general settings page:

Just empty these values out (or replace them with your preferred error pages) and submit, and you're good to go.

Published 2014-03-17 @ 09:00 in ColdFusion

CFML Grammar for Atom IDE (You've Got to Start Somewhere!)

Yesterday morning the internet was abuzz about something called "atom" that was "leaking" from GitHub. It was either a very clever and very successful marketing ploy, or (Occam's Razor, and all) they were just making private repositories public in preparation for beta launch and a few people that happened to be paying close attention realized something was up.

Basically, it's kind of a mashup of the idea behind Brackets and Sublime Text. There was even speculation that perhaps GitHub bought Sublime, because of how similar they look. And to be fair, it looks like the folks at GitHub have been working on this for something like 6 years -- long before either Brackets or Sublime was around.

By lunch time the website was up and you could request an invite to the private beta. I managed to get an invite, and while I haven't had a ton of time to play with it yet, I did manage to put together a CFML Grammar plugin (the thing that provides syntax highlighting and snippets). I don't want that to sound like I'm taking credit for some monumental work -- they provide a tool that will convert a TextMate Bundle into an Atom grammar, and I simply ran it against the latest official CFML TextMate Bundle, checked it into GitHub, and published it.

As the title of this post implies, it's not that great. The last commit to the TextMate bundle was roughly a year ago. Script-component support is basically not there, and I've only barely checked it against a few CFML files. But it's a start, and better than nothing. Feel free to file bugs or if you're feeling adventurous, submit pull requests.

I just wanted to get a baseline available ASAP, and then make sure you knew that it exists.

For now the Atom beta is limited to Mac OSX and you have to be running OSX 10.8 Mountain Lion or 10.9 Mavericks to run it. I have 1 beta invite that I'm willing to part with, but please remember: OSX 10.8+ only! I also ask that if you do get my invite, please pass some of your invites on to others that comment here asking for one. Pay it forward.

Published 2014-02-27 @ 08:55 in ColdFusion Meta

Bug found in Mach-II 1.9

I found a small bug in Mach-II 1.9; the final release before it was EOL'd. I wasn't really sure what the best way to handle this was. I'm still not, but I figure some action is better than no action. So I'm going to blog it in the hopes that regular users of Mach-II will see this and be able to file it away in the back of their minds for later reference. And hey, if someone wants to fork the project and fix it, all the more power to them. I considered doing so myself, but honestly I don't want to take on stewardship of the project; and the bug is an extreme edge case with a pretty simple workaround.

The bug is that if you change the filesystem path to your webroot/config files, no amount of reloading the framework will clear the cached location to the mach-ii.xml configuration file.

More concretely: I was doing some reorganization on one of our servers. We've been standardizing on c:\web\com.foo.bar\www ("reverse dns notation") as the location for application webroots, with their non-web-accessible files (e.g. the majority of files in a Mach-II app) organized a level up, e.g. c:\web\com.foo.bar\org\....

I made a fresh git clone of one of our projects and pointed IIS to the new file path and archived the old folder into a backup in case we would need it later. I opened up the site and reloaded the mach config, but was getting an error that the config xml could not be found -- and this was the head scratcher: It was listing the old path for the XML file. I spent probably an hour trying to find references to the old location in our code, bad relative paths in the config, or something like that. Frustrated, I just started dumping values and aborting from Application.cfc:

<cfdump var="#application.bootstrapper.appLoader.getConfigPath()#" abort="true" />

Oddly, this still showed the old path. So clearly, even with a reload triggered (MACHII_CONFIG_MODE = 1), there's a component with that path cached somewhere in the object graph and it's not being updated.

The solution was simply to restart the ColdFusion service. Now that I think about it, if you have the option, changing the application name (this.name = 'foo';) should be just as effective.

Like I said, it's an extreme edge case -- how often do you really move your source code around? -- and the workaround is simple. I just thought you should all know.

Published 2014-02-14 @ 01:23 in ColdFusion

Script Queries Are Dead; Long Live Script Queries!

I've long held the belief that the script-query syntax designed by Adobe sucks. It sucks very much. I even went so far as to outline what I think a better syntax might be almost a year ago.

I am now happy to report that, via just 24 lines of code, I have implemented almost exactly what I proposed.

result = new iQuery(
    "insert into myTable (name) values (:name)"
    ,{ name: "Bob the Builder" }
);
inserted_id = result.generatedKey;

Now that's a syntax that doesn't hurt the brain!

Aside from generally horrible syntax, the biggest pain point I experience with Adobe's script queries has to be the Query of Queries implementation. I can never remember how to set the existing query into the new query cfc instance so that it will be available for QoQ. My new syntax makes it pretty darn easy to remember:

[result =] new iQuery( SQL [, parameters] [, options] [, QoQ] );

parameters: { id: 1, lastname: 'foo', ... }
options:    { cachedWithin: createTimeSpan(...), datasource: 'myDSN', ... }
QoQ:        { people: new iQuery(...), ... }

So for a QoQ:

variables.people = new iQuery("select name, age from person");

variables.octogenarians = new iQuery("
    select name, age from qoq.people
    where age >= 80 and age <= 89
", {}, { dbType: "query" }, { people: variables.people } );

Basically, just pass a structure containing one or more named query objects (the key name will be the query name), and reference them in your SQL as qoq.[key_name]. Pretty darn easy if I do say so myself.

Full details including installation instructions and more usage examples are available in the GitHub ReadMe. I've only tested on CF10 but this should be compatible back to CF9, and possibly on Railo as well.

Published 2014-01-01 @ 08:55 in ColdFusion My projects Open Source