This is a question for you to answer. ColdBox supports the mode of being in debug mode or not. It does so, by placing a cookie on your browser so you can see the debugging panel only with that cookie set. The question is, how long should that cookie live? What should the expiration time be? Any suggestions?
Blog
Recent Entries
BoxLang CouchBase Module: Enterprise Caching, Distributed Locking, and AI Vector Memory
We're thrilled to announce the release of bx-couchbase v1.0, bringing enterprise-grade Couchbase integration to the BoxLang ecosystem. This powerful module combines high-performance distributed caching with cutting-edge AI capabilities, enabling developers to build scalable, intelligent applications with ease.
Luis Majano
Luis Majano
December
05,
2025
BoxLang v1.8.0 : Revolutionary HTTP Client, SOAP Integration, and Production-Grade Stability
The BoxLang team is excited to announce BoxLang 1.8.0, a massive release that revolutionizes HTTP capabilities, introduces comprehensive SOAP/WSDL integration, and delivers over 100 critical bug fixes for production-grade stability. This release focuses on modern web application development with fluent APIs, streaming support, persistent connection management, and extensive CFML compatibility improvements.
Luis Majano
Luis Majano
December
05,
2025
Ortus & BoxLang November Recap 2025
November 2025 was a big month at Ortus. BoxLang 1.7.0 arrived with real-time streaming, distributed caching, and faster compiler internals. ColdBox gained a cleaner debugging experience with full Whoops support, while CBWIRE 5 launched with stronger security, smarter lifecycles, and easier uploads.
Victor Campos
Victor Campos
December
02,
2025
Add Your Comment
(4)
Feb 23, 2007 03:50:04 UTC
by Sana
Hi Luis, I think 30 minutes, as sessions default expiry is 30 minutes, so this cookie should be 30 minutes expiry time.
Feb 23, 2007 07:29:14 UTC
by Dan Wilson
Luis, Perhaps it could be left up to the user to clear the cookie when they have finished the debugging? A link or a special URL perhaps to clear the cookie? Dan
Feb 23, 2007 10:00:43 UTC
by reuben
I agree with Sana that the time out for a cookie should be defaulted to the session timeout. If you are working constantly on the site, the debug will last beyond 30 minutes. The big issue is that if you stop work and come back to the site, you don't always want debug still enabled. I think having it auto expire is a good thing.
Feb 23, 2007 10:24:47 UTC
by Luis Majano
Dan, You can clear the cookie by just setting debugmode=false once you are done. But we all know that sometimes we are lazy and basically forget, like 90 year old brians!! So an automatic timeout, would allow security and also peace of mind. I think 30 minutes is reasonable. Any more suggestions.