Entries Tagged as “ColdFusion”

ColdFusion 11 Update 6 and ColdFusion 10 Update 17 now available

August 27, 2015 / Piyush Kumar Nayak

  Security | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11

The following ColdFusion updates are now available for download. These updates address a common XXE vulnerability in BlazeDS. For details refer the security bulletin hyperlinks in the sections below.

Users who are using LCDS with ColdFusion, should refer this technote, for updating their LCDS installation.

ColdFusion 11 Update 6

This Update addresses a vulnerability mentioned in the security bulletin APSB15-21. This update is cumulative and includes fixes from previous ColdFusion 11 updates.

For details, refer this technote.

ColdFusion 10 Update 17

This Update addresses a vulnerability mentioned in the security bulletin APSB15-21. This update is cumulative and includes fixes from previous ColdFusion 10 updates. 

For details, refer this technote.


getHeaders - a new attribute in the cfexchangemail tag

August 14, 2015 / Piyush Kumar Nayak

  Adobe ColdFusion | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11 | exchange | General

With ColdFusion 11 Update 3, we have introduced a new parameter called "getHeaders", in the "cfExchangeMail" tag. It accepts a boolean value. When set to true, cfExchangeMail returns a query with an additional "InternetHeader" column. This column contains a struct containing key-value pairs of the email-headers associated with each message.

Email message headers provide technical details about the message, such as who sent it, the software used to compose it, the version of the MIME protocol used by the sender etc. 

On Exchange 2010, the fields that are returned are: CC, Content-Transfer-Encoding, Content-Type, Date, From, MIME-Version, Message-ID, Received, Return-Path, Subject, To, X-MS-Exchange-Organization-AuthAs, X-MS-Exchange-Organization-AuthSource, X-Mailer.

You may reference this weblink for the detailed list of the fields and their description.

You can put this new feature to any good use that suites your purpose. I will dwell on one such use case below.

In MS Exchange 2010 and later, the "ToId" column in the retrieved messages query contains the primary email address of the sender. A primary email address can have multiple aliases. If you need to retrieve the email-alias the message was sent to, you can make use of this new attribute.

Here's an example that demonstrates the usage the tag in the context of the use case discussed above:

<cfmail from="#frm_usr_email#" to="#to_usr_alias#" cc="#cc_usr_alias#" subject="#msg_sub#"  server= "#exchangeServerIP#" port = "25">

----------- testing mail to an alias address ------------

</cfmail>

<cfset sleep(5000)>

<cfexchangeConnection action="open" username ="#to_usr#" password="#password#" server="#exchangeServerIP#" serverversion="#version#" protocol="#protocol#" connection="excon">

<cfexchangemail action="get" name="usr_msgs" connection="excon" getheaders=true folder="Inbox">

<cfexchangefilter name="fromID" value='#frm_usr#'>

<cfexchangefilter name="subject" value="#msg_sub#">

</cfexchangemail>

<cfif usr_msgs.recordcount GTE 1>

info from cfexchangemail fields:<br>

<cfloop query="usr_msgs">

<cfoutput>

#usr_msgs.subject#<br> 

#usr_msgs.CC#<br> 

#usr_msgs.fromId#<br>

</cfoutput>

</cfloop>

info from cfexchangemail.internetHeaders fields:<br>

<cfloop query="usr_msgs">

<cfoutput>

#ReplaceList(usr_msgs.internetHeaders["from"][1], ">,<", ",", ",", ",")#<br>

#ReplaceList(usr_msgs.internetHeaders["to"][1], ">,<", ",", ",", ",")#<br>

#ReplaceList(usr_msgs.internetHeaders["cc"][1], ">,<", ",", ",", ",")#<br>

</cfoutput>

</cfloop>

</cfif>

 

You can reference the bugbase, for the enhancement request originally logged for this feature.



Taking Thread Dumps from ColdFusion Server Programmatically

August 11, 2015 / Krishna Reddy

  Performance | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11 | General | productivity | Scheduled Tasks

Many times you would want to tweak the performance of the ColdFusion server or want to debug the bottlenecks that make the server unresponsive.

To analyze this, ideally you would want to have Thead dumps and Server memory snapshot(Heap Space, Eden Space, Survivor Space, Old Gen, Perm Gen).

While you can use JDK tools like jstack to get the dumps, it is tedious to install it and schedule the thread dumps.

So, programmatically thread dumps and memory snapshots are are triggered and can be configured as a scheduler task and can be triggered on-demand as well.

Download the following zip file and move it to the server where you want to take thread dumps.

 

threaddump.zip

This zip file contains two files. One is threaddump.jar file.

Place this file under: C:\ColdFusion11\cfusion\wwwroot\WEB-INF\lib\ and restart the server for it to load.

And the other file is the cfm file takethreaddump.cfm where the call to ThreadDump class is made and the path where the dump content should be written.

By default it is dumped to the file #GetTempDirectory()#/threaddump<Day>-<Month>-<Year>.log

(Depending on the server location it translates similar to C:\ColdFusion11\cfusion\runtime\work\Catalina\localhost\tmp\threaddump12-8-2015.log)

You can change this to any other convenient path in the cfm file.

You can call this cfm on-demand at point of time or configure a new scheduled task to schedule it at some interval.

More number of Thread dumps are more helpful for problem analysis. So, it is better to take at some interval.

On every new day, dump is rotated automatically to a new file name.

 


Some of the factors that help in deciding the memory that application needs

July 27, 2015 / Krishna Reddy

  Administrator | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | Adobe ColdFusion Builder | ColdFusion | ColdFusion 11 | General

Would like to explain the some of the factors that decide how much maximum memory that an application needs.

Here are two examples. One is with cffile upload action and the other is with cfpdf thumbnail action.


Sometimes, while uploading large files using cffile with upload action (<CFFILE ACTION= "UPLOAD") you would have run into the following error

"500 - Internal server error.

There is a problem with the resource you are looking for, and it cannot be displayed."

 

File upload is dependent on “Maximum size of post data” value that you can set in ColdFusion Administrator.

However, it can’t exceed the total available free memory.

Say, if 512 MB is the Xmx memory value (jvm.config) and 350 MB is already occupied by the application, even if “Maximum size of post data” value is set to 200 MB, it can upload files of up to ~150 MB (512 MB- 350 MB).

It can’t upload files of size 200 MB.

To fix it, Xmx should be increased which is again subjected to the available memory in that machine.

 

Here is other example:-

Say, you are using CFPDF's Thumbnail Action and the thumbnails background is not generated properly.
Here the issue would be insufficient memory.

        Just to hold the decoded image data, java application needs large memory (say 1.2 GB depending on the image pixels).

It is because of the format and high pixel nature of the image that is being converted. Number objects created are equal to the total number of pixels in that image.

So, high pixel imge would consume more memory.

To fix this, Xmx value in jvm.config should be at least -> Applications memory Size + 1.2 GB (from the above example) i.e. a minimum of 1.5 GB and can be more depending on your application.

Changing the value and restarting the server would fix this.


How to enable/disable Tomcat logs

July 26, 2015 / Krishna Reddy

  Administrator | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | Adobe ColdFusion Builder | ColdFusion | ColdFusion 11 | Tomcat

Sometimes, depending on your need, you may want to enable or disable the tomcat logs.

This can be simply done changing a setting a in <ColdFusion_Home>\cfusion\runtime\conf\server.xml file.

At the end of this xml file you can see the following tag.

<!--

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" 

               prefix="localhost_access_log." suffix=".txt"

               pattern="%h %l %u %t &quot;%r&quot; %s %b" resolveHosts="false"/>

-->

Uncomment this tag as follows and restart the server for the changes to be effective.

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" 

               prefix="localhost_access_log." suffix=".txt"

               pattern="%h %l %u %t &quot;%r&quot; %s %b" resolveHosts="false"/>


Similary, to enable the Tomcat logs, comment this tag.

When Tomcat logging is enabled, you can change the logging level in the logging.properties file by changing the following setting.
<ColdFusion_Home>\cfusion\runtime\conf\logging.properties

org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = WARN

 

 


Blue Mango Theme Design By Mark Aplet

Super Powered by Mango Blog