Blog

ColdBox 4.0 is a major release for the ColdBox line. The most major since its original release in June 2006. To boost efficency and open up options, we've removed a lot of non-necessary items from the core installation and made them available through modular architecture instead. However, there are some thing that we've kept - and for good reason. This post discusses what we kept in the core of ColdBox 4.0 and why.

Welcome to the jungle

Remember a time when the internet was a safe place. Where your email wasn't getting hacked every 3 months, nobody wanted to XSS something malicious to you or through you, and no one conceived of encrypting your hard drive for money?

I don't either. Since its inception, the internet has been a jungle of security complications.

CSRF: not the good kind of surfi...

ColdBox allows you to store the details of your CF datasources in your configuration file.  This prevents you from needing to store usernames and passwords in  your actual code, and allows you  to easily switch an application to another database, even with the environment control.  In  the past this datasource information was presented to you as a CFC object with getter methods.  

In ColdBox 4.0 we recognized that the datasource bean was really just a value object with no behaviors-- only data.  In the spirit of simplification,  we've replaced the datasource bean with a standard struct of data.

CommandBox provides a lot of tooling and CLI functionality for CFML developers. But what if you wanted to run or test CFML code beyond the CommandBox REPL? This post explains a simple way that you can setup a genuine CFML SandBox with CommandBox.

With CommandBox we have learned how easy it is to install projects/modules/interceptors/etc from ForgeBox.  But what if what you want doesn't exist? Or what if you have an existing project you want available to install quickly and easily with CommandBox?  We believe strongly in the community and the power of Open Source, so we encourage you to contribute.  Get that project/module/whatever out there and share it with the world.  Use community to better it and yourself as yo...

If you've ever worked with jars or raw java in ColdFusion, you will love the JavaLoader module for ColdBox. The JavaLoader module will interface with Mark Mandel's JavaLoader to allow you to do a network class loader, compiler and proxy. You can keep jars with your application's code instead of putting them in ColdFusion classpath, and you can even dynamically compile java co...

In today's world, we use frameworks, and separate concerns with MVC or MV*, we strive for Clean Code to make Uncle Bob proud, or Bossman Bob at least. Just because the “Run” function is all you need in a CFC (which extends the BaseCommand) for CommandBox to index the Command, doesn’t mean you have to jam all your code into that one function. Lets look at some simple code cleanup.

Since the early ColdBox 2 versions we had the ability to declare helpers for our layouts and views by creating a file right next to the view and adding the suffix Helper to it.  This would allow the framework to bind the two templates together at run-time.  This is a great way to provide further separation by convention.  However, there was no way to affect layouts and views globally.  You only had the global application helper which injected functions and...

As I always say, "All work and no fun makes you a dull programmer!"  Well, with CommandBox, we're here to fight boredom and productivity with the fun "Snake" game.  This is the class game of moving an-ever growing snake around the map in 4 directions while eating up the apples.  For every app the snake devours, it grows by one character in length.

Looking to secure your ColdBox application?  The Security Module can be your security rules engine for your application.  It provides flexible options to rules based security for you to use.

We have often talked about how a module can be either complex or as simple as an interceptor.  Our Security Module is basically just an interceptor that gets registered in your application to enforce rules you define.  Installing it is easy u...