I am using railo server 4.1 and also installed the extension provider for spreadsheet support (http://www.andyjarrett.co.uk/RailoExtensionProvider/ExtensionProvider.cfc). But I can't able to read the spreadsheet using cfspreadsheet Am I missing something? or else provide any alternate solution.
The following is the error produced when i run a cfm page with cfspreadsheet tag in it
<cfspreadsheet action="read" src="#expandPath('..\')#/TEST.xls" query="res">
<cfdump var="#res#" />
Related
When I login to ColdFusion 2018 admin console the screenshot below shows up. The close button is not working. Neither is the search box. Restarting the WebLogic server and reopening console are not helpful. How to fix this? I never had this issue using ColdFusion console before this.
This is the console log in browser. No error reported in Eclipse.
You are missing the /cf_scripts mapping that serves the jQuery script that is required to run the frontend of the CF2018 admin console.
The mapping should point to /ColdFusion2018/cfusion/wwwroot/cf_scripts/.
If you are using the built-in Tomcat, locate /ColdFusion2018/cfusion/runtime/conf/server.xml and adjust your context:
<Context path="" docBase="/your-webroot/" workDir="/ColdFusion2018/cfusion/runtime/conf/Catalina/localhost/tmp">
<Resources>
<PreResources className="org.apache.catalina.webresources.DirResourceSet" base="/ColdFusion2018/cfusion/wwwroot/CFIDE" webAppMount="/CFIDE" />
<PreResources className="org.apache.catalina.webresources.DirResourceSet" base="/ColdFusion2018/cfusion/wwwroot/WEB-INF" webAppMount="/WEB-INF" />
<PreResources className="org.apache.catalina.webresources.DirResourceSet" base="/ColdFusion2018/cfusion/wwwroot/cf_scripts" webAppMount="/cf_scripts" />
</Resources>
</Context>
If you are using IIS, you can simly add a virtual directory. A symlink would probably work too for that matter.
It seems to be an incorrect value in your neo-runtime.xml file. CfFormScriptSrc value should be just "/cf_scripts/scripts/". For those who don't understand, refer to the discussion at https://forums.adobe.com/message/10705035
For extra security on my pages I use HTTP_REFERER within a cfif statement as a check on all my pages to make sure there are no successful direct attacks on any given page.
I am using a cfc file in an Authorize.net post. I do not use cfc or any other plug-ins or apps on my site so this is a first.
I would like to use an cfif statement in the cfc with the pages that call it listed in the cfif statement and if not a listed page, cfabort the page.
<cfhttpparam name="referer" type="cgi" value="#CGI.HTTP_REFERER#">
The application keeps the daily reports in a shared path. Our application generates the URL linking it to the excels like
http://application/ExcelTask/Index.cfm?type=Report&fileName=Report_Mar2014.xlsx
with the cfm code as
<cfif FileExists("#filePath#")>
<cfheader name="Content-Disposition" value="inline; filename=""#URL.fileName#""">
<cfcontent type="application/vnd.ms-excel" file="#filePath#">
</cfif>
What we have found out if the users are aware of our directory structure the cfm files can be downloaded using the URL injection like
http://application/ExcelTask/Index.cfm?type=../ExcelTask&fileName=Index.cfm
I can add a condition to only allow files of type xls and xlsx only but that looks like a Plan B.
Any ideas how to restrict the folder access?
Use basic data sanitization skills to both clean and validate your URL.type and URL.filename.
some replaceAll code to eliminate ../, or
try isValid("regex", some regex pattern...)
You can also validate against the session whether the current logged in user has the write to view/download the file for extra protection.
I am using ColdFusion 8.
I have a perfectly formatted HTML page that I want to convert into PDF. It takes ColdFusion about 250 milliseconds to create this content. The code is tried and true and works in every respect with no problem, except for in creating a PDF.
I create the PageContent variable like this:
<!--- CREATE PAGE AS CONTENT --->
<cfsavecontent variable="PageContent">
<html>
<head></head>
<body>
<cfoutput>
// PAGE CONTENT IS HERE
<cfoutput>
</body>
</html>
</cfsavecontent>
I can display this PageContent perfectly as HTML in a browser, open it in Word or Excel. I try to create a PDF like this:
<cfdocument format="pdf">
<cfoutput>
#PageContent#
</cfoutput>
</cfdocument>
The page content has inline styles, images, divs, and tables. If I remove the image path and file with an empty string, the document works. Here's the
I think that the PDF generator is choking ob the image path, although the paths seem perfect to me and render well everywhere else. The img tag is being fed the full HTTP path, which is totally valid. Here's one that isn't working:
http://dev.iqcatalogs.com/avcat/IMAGES/products/spotlight/ef17_40_4lu_c2_186x279.gif
What might cause the images from rendering properly in PDF?
(From the comments above) I am guessing you have looked into the usual suspects already?
ie 2) If your server is behind firewall. As we mentioned earlier, CF
server needs to send an HTTP request for the images. If the firewall
prevents any outgoing connection from the server, CF will not be able
to retrieve them and will show a red-x in place of them. You will need
to setup your firewall in such a way that server can send an HTTP
request to itself.
Remember that for Cfdocument to work it doesn't matter whether you can pull up the image in your browser. It only matters if the server can pull it up. The most likely cause for this is simply domain resolution - where the server cannot get the right IP address - or where it is blocked from retrieving the content. See this post.
resolution and cfdocument
I'm fairly new to ColdFusion and am currently creating a system for which users can view PDF files. As well, I have it so some users can upload replacements for the current PDF if need be. The problem is, at least when using Firefox, when the user views the PDF file, it goes into their history cache to improve loading times I assume, and if a user replaces the PDF with a more updated one, users with the original PDF in their history cache will just see the old file and not the new one.
Now, I'm not going to just tell users to clear their history, so here's where my question comes in: Is there either a way to prevent the PDF from going into their history cache or is there a way to remove the page from the history? Any help would be greatly appreciated! :)
In PDF link add timestamp using gettickcount() to make URL unique and this prevent caching pdf.
http://mywebsite/pdfname.pdf?123249329323
Rather than link directly to the PDF, link to a .cfm that has this code:
<cfheader name="expires" value="#getHttpTimeString(now())#">
<cfheader name="pragma" value="no-cache">
<cfheader name="cache-control" value="no-cache, no-store, must-revalidate">
<cfcontent file="#path_to_pdf_file#" type="application/pdf">