Solved

ColdFusion URL Variables Appear?

Posted on 2013-02-02
7
336 Views
Last Modified: 2013-02-02
Hi,
This may be opening a can of worms - but here goes.

I have noticed that my ColdFusion application (V8.1) running on Windows Server 2003 (with IIS) often displays URLs as such:

http://www.myapp.com/blogs/myprog1.cfm?CFID=271943&CFTOKEN=44301668&jsessionid=f0305b61b428125824d7115820388337e31f

Or sometimes it will be displayed as :
http://www.myapp.com/blogs/myprog2-upload.cfm

I don't know what is causing the CF URL variables?.

Some notes:
-  I use CFlocate frequently to transfer to another program.  Sometime links.

-  I am using the CF admin option :
Use J2EE session variables  - as I want the session to end when the browser is closed (I don't know what else it's used for).

-  I do also drop cookies on the client periodically based on some code in my application.cfc.

I haven't included all the setting unless you would like to see them.

Any ideas?  I did find this from adobe but it was not clear to me:
http://forums.adobe.com/thread/116067
http://forums.adobe.com/message/35115


Thanks in advance,
hefterr
0
Comment
Question by:hefterr
  • 4
  • 3
7 Comments
 
LVL 52

Accepted Solution

by:
_agx_ earned 500 total points
ID: 38847007
It's most likely your cflocation code.  cflocation has a parameter named "addToken" which is true by default. When it (and session variables) are enabled, any call to cflocation also appends the session information to the URL.  If you're using j2ee sessions it appends the CFID, CFTOKEN and jSessionID. If not, it appends CFID& CFTOKEN.  

The reason for this feature is session variables require either cookies OR url variables to work. (Cookies are the default) The parameters you see in the URL identify the current user's session on the CF server.  By passing the tokens in the URL, session variables still work when cookies are disabled.

If you don't want them to appear in the url, change the addToken parameter to false

         ie <cflocation url="path/to/somePage.cfm" addToken="false">
0
 
LVL 1

Author Comment

by:hefterr
ID: 38847025
@_agx_
<cflocation url="path/to/somePage.cfm" addToken="false">

Will this ever cause a problem?

FYI.  I only have about 1,000 to modify :)

hefterr
0
 
LVL 52

Expert Comment

by:_agx_
ID: 38847034
Problem how?  The obvious result would be that features that use sessions would not work for users that disabled cookies.  But that's what you'd expect to happen :)

> FYI.  I only have about 1,000 to modify :)

If you use an IDE like CFEclipse that supports regex find/replace it's a breeze :)
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 1

Author Closing Comment

by:hefterr
ID: 38847077
Thanks!  - And congratulations on your new "Ace" title :)
0
 
LVL 52

Expert Comment

by:_agx_
ID: 38847137
Lol, thanks.  It's funny I didn't even notice it until last week.  I went to donate some of my EE T-shirts to last month's charity drive and saw it and thought "when did that happen?" :)
0
 
LVL 1

Author Comment

by:hefterr
ID: 38847380
I received the monthly EE "newletter" email and it had you listed.  Very impressive!

FYI.  I think the cflocation is <cflocation url="myprog.cfm" addtoken="no">
0
 
LVL 52

Expert Comment

by:_agx_
ID: 38847483
Famous and I didn't even know it ;-) I'm embarrassed to say I rarely get a chance to catch up on all those.  I've got a ton of non-critical email that just piles up. I get to it like once or twice a year - if that! ;-)  Too much to read and not enough time.

>  <cflocation url="myprog.cfm" addtoken="no">

It should accept either "false" or "no".  But I remember there are still a few tags adobe forgot to update that will *only* accept "no". I don't think cflocation is one of them.  But I'd have to check to be 100% sure.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

PROBLEM:  How to open a cfwindow or run a function on double click of a cfgrid row. One of my clients wanted to be able to double click on a row item to get more detailed information about a transaction and to be able to modify the line items i…
CFGRID Custom Functionality Series -  Part 1 Hi Guys, I was once asked how it is possible to to add a hyperlink in the cfgrid and open the window to show the data. Now this is quite simple, I have to use the EXT JS library for this and I achiev…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now