Ernst has just posted his code for an ssl interceptor he just created. It looks awesome so take a look for yourself.
Blog
Recent Entries
First Round of the Into the Box 2026 Agenda Is Live
Into the Box 2026 marks an important moment for the CFML and BoxLang community not just because of what’s on the agenda, but because of what it represents: 20 years of Ortus Solutions helping teams move forward, modernize, and build with confidence.
Victor Campos
Victor Campos
January
21,
2026
BoxLang AI v2: Enterprise AI Development Without the Complexity
One Year. 100+ Features. Unlimited Possibilities.
Just one year ago, in March 2024, we launched BoxLang AI 1.0. Today, we're thrilled to announce BoxLang AI v2—a massive leap forward that positions BoxLang as the most powerful and versatile AI framework on the JVM.
Luis Majano
Luis Majano
January
19,
2026
CommandBox: A Smarter Foundation for BoxLang and CFML Workflows
In day-to-day development, some tools simply do their job… and others quietly change the way you work. CommandBox falls into the second category.
It doesn’t replace your editor, framework, or existing applications. Instead, it becomes the common ground where CFML and BoxLang development meet ,giving teams a consistent, reliable way to build, run, and evolve their projects.
Victor Campos
Victor Campos
January
16,
2026
Add Your Comment
(4)
Jan 19, 2008 23:50:35 UTC
by Rob Gonda
It's missing some functionality ... how does it know which event has to be secured? It should secure only specific events, and force unsecured requests for the rest. something like if not isSsl and requireSll then cflocate to https if isSsl and not requireSll then cflocate to http
Jan 19, 2008 23:54:53 UTC
by Luis Majano
That is up to Ernst, but I think its a good start.
Jan 21, 2008 16:01:48 UTC
by Ernst van der Linden
Rob you're right. We could implement that. Just make a list of allowed events without SSL as a property in interceptor xml definition and then check with event.getCurrentEvent() if we need SSL. I will take a look and keep you informed.
Jan 21, 2008 17:47:57 UTC
by Ernst van der Linden
Rob, I made in new blog entry. The SSL interceptor now supports SSL for specific events. Comments are welcome!