We help IT Professionals succeed at work.
Get Started

client variables will not work in ColdFusion on IE

Last Modified: 2013-12-24
Hi all, I hope someone can help: ColdFusion client variables will simply NOT work for me in Internet Explorer!!

I am attempting to use them to save user logins. Things to note:

1) This is on ColdFusion MX 7,0,2,142559 , Standard edition, running on UNIX  
2) This is an old website we're talking about, and instead of using Application.cfc, it uses the old Application.cfm with a <cfapplication> tag.
3) I am viewing the page with Internet Explorer 7.0.5730.11 on a PC.
4) I have my security set to the lowest setting (accept all cookies) to make sure it isn't blocking the client vars for some reason.

Settings in the CF Administrator:
1) The DEFAULT storage mechanism for client variables is a datasource. However, I couldn't get storage working in this datasource (see another problem, https://www.experts-exchange.com/Software/Server_Software/Web_Servers/ColdFusion/Q_24091360.html), so for this application I set the clientstorage parameter to "cookie" to override this default.  If I go into the administrator and set the default to cookie there as well, I still get the problem.
2) Purge Interval for client variables = 1hr 7mins (default).
3) Registry is set to Purge data for clients that remain unvisited for 90 days (default).
4)  global client variable updates  are disabled.
5) J2EE Session variables are enabled

Client variables DO work (or at least, they pass my very simple test) in Firefox [Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:].
The person I found who had the most similar problem is here:


His client variables didn't work anywhere, not just for a specific browser, and basically everyone said "wow" and told him to reinstall the server, which worked. But that was in 2005. I don't know what the story is now.


Listing 1: Application code
	name="my_company" applicationtimeout=#CreateTimeSpan(0, 2, 0, 0)# 
	clientmanagement = "yes" clientstorage="cookie" setclientcookies = "yes"	
	setdomaincookies = "no"
	sessionManagement = "yes" sessionTimeout=#CreateTimeSpan(0,0,20,0)# loginstorage="cookie"
	scriptProtect = "all">
<!--- **** Line-by-line explanation ****
	1. The application's name is my_company; it times out in 2 days.
	2. Client variables are enabled; they are stored as a cookies on the user's browser; they
SHOULD be stored in a data source but I get an error every time this 
happens (this is a separate problem; see above)
       2a.On the client side, client variables are set in users' browsers as cookies; they should 
not be, but passing CFID and CFTOKEN data manually through links is not working (another 
problem; I guess I'll ask about it later)
	3. Setdomaincookies is only meaningful for a clustered environment and is turned off.
	4. Session variables are enabled for login; they time out in 20 minutes; login storage is
 handled in cookies. (I left this as the default, taking my cue from Ben Nadel, whose blog is 
really good: http://www.bennadel.com/blog/726-ColdFusion-Application-cfc-Tutorial-And-Application-cfc-Reference.htm 
. Ben says: "I have never used [loginstorage], so I am not exactly sure what that means. 
Defaults to cookie." I know that by setting cookie here I am giving up my goal of enabling logins 
for users without cookies, but I am willing to work with that for now--I wanted to leave this as 
is to not rock the boat with the MAIN problem.)
	5. Built-in XSS protection is turned on
Listing 2: simple test code
<!--- if you didn't set the dummy client variable --->
<cfif NOT isDefined("CLIENT.dummy")>
       <!--- set it (inside a lock, to be safe) --->
	<cflock timeout=20 scope="CLIENT" type="Exclusive">
		<cfset CLIENT.dummy = 1>
       <!--- output that you've set it --->
	client var set<br>
	<cfdump var="#CLIENT#"><br>
<!--- if you DID set it --->
        <!--- output it --->
	<cfdump var="#CLIENT#"><br>
	client var output<br>

Open in new window

Watch Question
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE