Ernst has just posted his code for an ssl interceptor he just created. It looks awesome so take a look for yourself.
Blog
Recent Entries

BX-AI 1.2 Released: Claude 4 Support, New Tooling API, CFML Compatibility & More!
We’re excited to announce the release of BoxLang AI v1.2, a major update to the BoxLang AI module that powers intelligent applications with a unified AI abstraction layer across even more providers: OpenAI, Claude, Grok, Gemini, and more. This release packs new features for providers, tools, debugging, and customization — making it easier than ever to build multi-runtime, AI-driven BoxLang and CFML applications.

Ortus Solutions invited at America Digital 2025
Our participation is more than a presence, it is a commitment to represent El Salvador’s growing influence in the global tech ecosystem and to inspire others to embrace modern software practices.
This invitation is a recognition of our contributions to open source and a reminder of the importance of building with purpose. Whether through BoxLang, ColdBox, or any of our other tools, our focus remains the same: to empower developers, elevate teams, and enable the future of digital transformation.

Introducing the BoxLang Version Manager!
We're excited to announce the release of BVM (BoxLang Version Manager), a powerful new tool that makes managing multiple BoxLang installations effortless across Mac, Linux, and Windows Subsystem for Linux (WSL). Whether you're a BoxLang developer working on multiple projects or testing across different versions, BVM is designed to streamline your workflow.
Add Your Comment
(4)
Jan 19, 2008 23:50:35 UTC
by Rob Gonda
It's missing some functionality ... how does it know which event has to be secured? It should secure only specific events, and force unsecured requests for the rest. something like if not isSsl and requireSll then cflocate to https if isSsl and not requireSll then cflocate to http
Jan 19, 2008 23:54:53 UTC
by Luis Majano
That is up to Ernst, but I think its a good start.
Jan 21, 2008 16:01:48 UTC
by Ernst van der Linden
Rob you're right. We could implement that. Just make a list of allowed events without SSL as a property in interceptor xml definition and then check with event.getCurrentEvent() if we need SSL. I will take a look and keep you informed.
Jan 21, 2008 17:47:57 UTC
by Ernst van der Linden
Rob, I made in new blog entry. The SSL interceptor now supports SSL for specific events. Comments are welcome!