Luis Majano

October 19, 2016

Spread the word

Share your thoughts

We are pleased to announce the general availability of ColdBox 4.3.0, WireBox 4.3.0, CacheBox 4.3.0 and LogBox 4.3.0. This is a minor release with some great improvements and lots of bug fixes. So let's look at the major things in this release.


You can easily upgrade by leveraging commandbox and issuing the following command:

update coldbox

Getting Started

You can get started with ColdBox 4.3 by issuing the following CommandBox commands:

coldbox create app
server start


We have completey revamped the documentation for ColdBox. We have split the incoming docs into two paths: beginners and advanced. This way new comers to the framework will be able to remain focus and learn in a guided path, while advanced users can have access to the full documentation.

Module Parent Settings

We have now introduced a standardized approach to defining/overriding module settings in your module and overrides via the parent application. You can now define a moduleSettings structure in your config/ColdBox.cfc which will hold all the override settings for any modules you have installed in your system.

Module developers can then create defaults for those settings in a modules's ModuleConfig.cfc via the settings structure.

// myModule/ModuleConfig.cfc
component {
  function configure() {
    settings = {
      someSetting = "default",
      anotherSetting = "default"

// config/ColdBox.cfc
component {
  function configure() {
    moduleSettings = {
      myModule = {
        someSetting = "overridden" 

// end result
  someSetting = "overridden",
  anotherSetting = "default"

Global invalidHTTPMethodHandler

You can now define a global invalid HTTP method handler in your coldbox configuration structure:

coldbox = {
  invalidHTTPMethodHandler = "main.invalidHTTP"

This will provide your application with error consistency when building RESTFul services.

New allowedMethods annotation for handlers

Your event handler actions can now define their allowed HTTP methods of execution via the allowedMethods annotation:

function index( event, rc, prc) allowedMethods="GET,POST"{

New convention modules_app

With the introduction of CommandBox we can now have tracked modules and un-tracked modules in a ColdBox application. The default convention for modules called modules is now the default location of tracked CommandBox modules. The new convention modules_app is for your own custom un-tracked modules.

What is tracked? Modules that are tracked by CommandBox and usually not added to source control. CommandBox controls their installation, updating, etc.

Interceptors get rc and prc references

All interceptor methods now receive a reference to rc and prc for convenience:

function preProcess( event, rc, prc, interceptData, buffer )

String Builders

Internal concatenation tools and interceptor response buffers have been migrated to Java String Builders for a more awesome performance updates.

Binary HTTP Content

You can now receive and decode binary HTTP content when doing RESTFul services

Models in Modules accept aliases now

Models in Modules can now have name aliases via the alias annotation or binder alias definitions.

HTTP Method Spoofing

Although we have access to all these HTTP verbs, modern browsers still only support GET and POST. With ColdBox and HTTP Method Spoofing, you can take advantage of all the HTTP verbs in your web forms.

By convention, ColdBox will look for an _method field in the form scope. If one exists, the value of this field is used as the HTTP method instead of the method that was made. For instance, the following block of code would execute with the DELETE action instead of the POST action:

You can manually add these _method fields yourselves, or you can take advantage of ColdBox's HTML Helper.

#html.startForm( action = "", method="DELETE" )#
    #html.submitButton( name = "Delete", class = "btn btn-danger" )#

Release Notes


  • [COLDBOX-479] - onInvalidHTTPMethod not firing with SES Interceptor

  • [COLDBOX-512] - ColboxProxy.cfc has reference to method tracer - which no longer exists in that component.

  • [COLDBOX-515] - Exception handling broken for customErrorTemplate when application relative path used

  • [COLDBOX-517] - CF mapping's for modules don't get created for proxy requests

  • [COLDBOX-520] - Only remove the scriptname from the pathinfo if it is the first element in the pathinfo

  • [COLDBOX-521] - afterAspectsLoad was missing from core

  • [COLDBOX-527] - bug report view is not thread safe

  • [COLDBOX-528] - Coldbox Event Cache discards the Content-Type when caching non renderdata results

  • [COLDBOX-529] - Object in RC or PRC causes async interceptors to fail

  • [COLDBOX-534] - getHTMLBaseURL returns with a double slash at the end,

  • [COLDBOX-537] - ColdBox Cache Flash not discovering session/cookie as app has not loaded first

  • [COLDBOX-539] - Private event actions are no longer executable (regression)

New Features

  • [COLDBOX-371] - Convention to override a module's settings in an application or parent module

  • [COLDBOX-505] - New coldbox directive: invalidHTTPMethodHandler that will fire globally if an action is called with an invalid HTTP Method

  • [COLDBOX-511] - New action annotation "allowedMethods" so you can allow inline annoation for allowed HTTP Verbs thanks to Nic Tunney

  • [COLDBOX-522] - Add rc and prc available directly to custom error templates

  • [COLDBOX-525] - HTTP Method Spoofing for Forms

  • [COLDBOX-530] - Add 'modules_app' as a default external location instead of manually adding it.

  • [COLDBOX-540] - Interception points get reference to rc and prc now.

  • [COLDBOX-541] - invokerasync was not passing the buffer


  • [COLDBOX-502] - RequestBuffers now leverage string builders.

  • [COLDBOX-513] - Calling processState from within an interceptor clears buffer

  • [COLDBOX-531] - execute() in BaseTestCase now uses the default event (defined in config/ColdBox.cfc) if / is passed in as the route

  • [COLDBOX-532] - event.getHTTPContent() doesn't work on binary encoding

  • [COLDBOX-536] - Rendered output has ALWAYS a precedent empty line, delete it!

  • [COLDBOX-538] - Alises in module models aren't picked up

Add Your Comment

Recent Entries

CBWIRE 2.2 Released

CBWIRE 2.2 Released

We're excited to announce the release of CBWIRE 2.2. This release includes several added enhancements, such as new lifecycle hooks and simplified Turbo Drive integration. We changed the previous lifecycle hook of mount() to onMount() to be consistent, and several bugs were squashed.

Maria Jose Herrera
Maria Jose Herrera
January 09, 2023
FORGEBOX v7.1.0 Released

FORGEBOX v7.1.0 Released

We are so happy to announce a minor release for our package management system. In this release, we take care of some bug fixes reported and a lot of work for our elastic search engine. Now better search results with an improved response time. We have updated our core modules to the latest versions for better security and performance.

Javier Quintero
Javier Quintero
December 30, 2022
Favorite 2022 Ortus Content

Favorite 2022 Ortus Content

2022 was quite the year. For us, it was all about delivering exceptional content and service to our amazing community of developers. That's why we updated our tools, released new products, and announce upcoming projects and initiatives we are working on for 2023.

We know 2023 will be awesome but 2022 was amazing too. Read on and don't miss anything, review the top content we released in 2022 and improve your projects in 2023. Happy New Year!

Maria Jose Herrera
Maria Jose Herrera
December 29, 2022