Luis Majano

October 19, 2016

Spread the word

Share your thoughts

We are pleased to announce the general availability of ColdBox 4.3.0, WireBox 4.3.0, CacheBox 4.3.0 and LogBox 4.3.0. This is a minor release with some great improvements and lots of bug fixes. So let's look at the major things in this release.


You can easily upgrade by leveraging commandbox and issuing the following command:

update coldbox

Getting Started

You can get started with ColdBox 4.3 by issuing the following CommandBox commands:

coldbox create app
server start


We have completey revamped the documentation for ColdBox. We have split the incoming docs into two paths: beginners and advanced. This way new comers to the framework will be able to remain focus and learn in a guided path, while advanced users can have access to the full documentation.

Module Parent Settings

We have now introduced a standardized approach to defining/overriding module settings in your module and overrides via the parent application. You can now define a moduleSettings structure in your config/ColdBox.cfc which will hold all the override settings for any modules you have installed in your system.

Module developers can then create defaults for those settings in a modules's ModuleConfig.cfc via the settings structure.

// myModule/ModuleConfig.cfc
component {
  function configure() {
    settings = {
      someSetting = "default",
      anotherSetting = "default"

// config/ColdBox.cfc
component {
  function configure() {
    moduleSettings = {
      myModule = {
        someSetting = "overridden" 

// end result
  someSetting = "overridden",
  anotherSetting = "default"

Global invalidHTTPMethodHandler

You can now define a global invalid HTTP method handler in your coldbox configuration structure:

coldbox = {
  invalidHTTPMethodHandler = "main.invalidHTTP"

This will provide your application with error consistency when building RESTFul services.

New allowedMethods annotation for handlers

Your event handler actions can now define their allowed HTTP methods of execution via the allowedMethods annotation:

function index( event, rc, prc) allowedMethods="GET,POST"{

New convention modules_app

With the introduction of CommandBox we can now have tracked modules and un-tracked modules in a ColdBox application. The default convention for modules called modules is now the default location of tracked CommandBox modules. The new convention modules_app is for your own custom un-tracked modules.

What is tracked? Modules that are tracked by CommandBox and usually not added to source control. CommandBox controls their installation, updating, etc.

Interceptors get rc and prc references

All interceptor methods now receive a reference to rc and prc for convenience:

function preProcess( event, rc, prc, interceptData, buffer )

String Builders

Internal concatenation tools and interceptor response buffers have been migrated to Java String Builders for a more awesome performance updates.

Binary HTTP Content

You can now receive and decode binary HTTP content when doing RESTFul services

Models in Modules accept aliases now

Models in Modules can now have name aliases via the alias annotation or binder alias definitions.

HTTP Method Spoofing

Although we have access to all these HTTP verbs, modern browsers still only support GET and POST. With ColdBox and HTTP Method Spoofing, you can take advantage of all the HTTP verbs in your web forms.

By convention, ColdBox will look for an _method field in the form scope. If one exists, the value of this field is used as the HTTP method instead of the method that was made. For instance, the following block of code would execute with the DELETE action instead of the POST action:

You can manually add these _method fields yourselves, or you can take advantage of ColdBox's HTML Helper.

#html.startForm( action = "", method="DELETE" )#
    #html.submitButton( name = "Delete", class = "btn btn-danger" )#

Release Notes


  • [COLDBOX-479] - onInvalidHTTPMethod not firing with SES Interceptor

  • [COLDBOX-512] - ColboxProxy.cfc has reference to method tracer - which no longer exists in that component.

  • [COLDBOX-515] - Exception handling broken for customErrorTemplate when application relative path used

  • [COLDBOX-517] - CF mapping's for modules don't get created for proxy requests

  • [COLDBOX-520] - Only remove the scriptname from the pathinfo if it is the first element in the pathinfo

  • [COLDBOX-521] - afterAspectsLoad was missing from core

  • [COLDBOX-527] - bug report view is not thread safe

  • [COLDBOX-528] - Coldbox Event Cache discards the Content-Type when caching non renderdata results

  • [COLDBOX-529] - Object in RC or PRC causes async interceptors to fail

  • [COLDBOX-534] - getHTMLBaseURL returns with a double slash at the end,

  • [COLDBOX-537] - ColdBox Cache Flash not discovering session/cookie as app has not loaded first

  • [COLDBOX-539] - Private event actions are no longer executable (regression)

New Features

  • [COLDBOX-371] - Convention to override a module's settings in an application or parent module

  • [COLDBOX-505] - New coldbox directive: invalidHTTPMethodHandler that will fire globally if an action is called with an invalid HTTP Method

  • [COLDBOX-511] - New action annotation "allowedMethods" so you can allow inline annoation for allowed HTTP Verbs thanks to Nic Tunney

  • [COLDBOX-522] - Add rc and prc available directly to custom error templates

  • [COLDBOX-525] - HTTP Method Spoofing for Forms

  • [COLDBOX-530] - Add 'modules_app' as a default external location instead of manually adding it.

  • [COLDBOX-540] - Interception points get reference to rc and prc now.

  • [COLDBOX-541] - invokerasync was not passing the buffer


  • [COLDBOX-502] - RequestBuffers now leverage string builders.

  • [COLDBOX-513] - Calling processState from within an interceptor clears buffer

  • [COLDBOX-531] - execute() in BaseTestCase now uses the default event (defined in config/ColdBox.cfc) if / is passed in as the route

  • [COLDBOX-532] - event.getHTTPContent() doesn't work on binary encoding

  • [COLDBOX-536] - Rendered output has ALWAYS a precedent empty line, delete it!

  • [COLDBOX-538] - Alises in module models aren't picked up

Add Your Comment

Recent Entries

Ortus Solutions Soars Back to CFCamp Munich as Platinum Sponsor and Keynote Presenter!

Ortus Solutions Soars Back to CFCamp Munich as Platinum Sponsor and Keynote Presenter!

We're thrilled to announce that Ortus Solutions is returning to CFCamp Munich for another year! We're incredibly proud to be a continuing sponsor of this fantastic event and can't wait to connect with the ColdFusion community once again.

Taking Center Stage with the Day 1 Keynote

Get ready for some deep dives into the world of BoxLang! Ortus Solutions will be kicking off CFCamp with a dynamic keynote address on day 1. This is your chance to gain valua...

Cristobal Escobar
Cristobal Escobar
May 28, 2024
Into the Box 2025 - Blind Tickets are Out!

Into the Box 2025 - Blind Tickets are Out!

Ortus Solutions is thrilled to announce the release of blind tickets for Into the Box 2025, the premier event for web developers. This year's conference promises to be a game-changer, especially with the unveiling of our groundbreaking new product, BoxLang. **Our team is working hard to get all modern CFML developers amazing tools and software features to improve their productivity. **

Maria Jose Herrera
Maria Jose Herrera
May 27, 2024
Into the Box - Keynote Recap Day 1

Into the Box - Keynote Recap Day 1

Day 1 of Into the Box kicked off with an electrifying keynote session that set the tone for an incredible conference. The excitement was palpable as developers, tech enthusiasts, and industry leaders gathered to explore the latest innovations and trends in web development.

Maria Jose Herrera
Maria Jose Herrera
May 24, 2024