As I understand it, Firefox shares cookies, etc across all instances of
Firefox.
IE however treats every instance as its own little world and doesn't
share well with itself.
Steve
-Original Message-
From: Chad McCue [mailto:ch...@icsciences.com]
Sent: Wednesday, February 24, 2010
On Wed, Feb 24, 2010 at 7:16 PM, Chad McCue wrote:
I open up FireFox I put in my url say http://test.devsite.com I get a unique
CFID and CFTOKEN, I keep that browser open and then open a new FireFox
browser and go to the same domain http://test.devsite.com and when I look at
the debugging
the CFID/CFTOKEN is only appended to the URL if you are using
URLSessionFormat() or if in the form tag, there is no method set, or it
is set to GET, or it is set in the action page
no simple way, but you need to remove them in all the places landing
onto the barclay page
or you can add
btw, can you point us to the Forta article?
Les Mizzell wrote:
Dan Vega wrote:
When using cflocation you can set the attribute for addtoken=false
Yea - but it's often a form submission without a cflocation.
I found a method suggested by Ben Forta I'm playing with...
On Monday 14 Apr 2008, rex wrote:
no simple way, but you need to remove them in all the places landing
onto the barclay page
You could add a check in Application.cfc to see if it was the submit page, and
if so store the id/token in the session, and then redirect with
addToken=false.
--
Tom
When using cflocation you can set the attribute for addtoken=false
Dan
On Sat, Apr 12, 2008 at 1:02 PM, Les Mizzell [EMAIL PROTECTED] wrote:
I have a client that's switching payment methods over to Barclay card
for their site.
I've gotten everything to work pretty well up to the last step.
Dan Vega wrote:
When using cflocation you can set the attribute for addtoken=false
Yea - but it's often a form submission without a cflocation.
I found a method suggested by Ben Forta I'm playing with...
~|
Adobe® ColdFusion®
1) No.
2) huh? Might pay to look at these are created, if you are using
cf6mx+ make cfID etc cfUID
3) Look at expiring cfid * cftoken cookies when browser is closed.
4)see above.
On Tue, Apr 8, 2008 at 12:43 AM, Brian Dumbledore [EMAIL PROTECTED] wrote:
I am looking for someone to throw
Hi Brian,
It depends on how you have things setup. Take a look at these
resources. They helped me a bunch when I was looking into it.
http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_17915
http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_18232
And, this article by
Kris and Andrew, thanks for your time.. I saw first two links, but not the
third one. I still not clear, but will do some testing I guess.
In my scenario, I have setclientcookies yes and ofcourse sessionmanagement yes.
I was trying to query the table for all unique sessions (select distinct
Let me put it in another way..
I hit the page, dump the cookie cfid,cftoken have values A,B for them. after 30
min (session timeout). I hit the page again (same browser), should not the
cfid, cftoekn values in the cookie be different now since a new session is now
created and cookie values
Hi Brian,
The reason you are seeing the same session id show up is because you
have setclientcookies = yes. This stores the CFID and CFTOKEN, and if
existent will be reused. The cookie does not get killed on browser
close in this scenario.
What we did was setclientcookies = no, then manually
Kris,
You gave me the main confirmation that I've been lookig for. Previous session's
cookie values will be reused even if this is a new session. Thanks.
~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic
The only issue I have now is, say one hits the site, navigates for a while and
does not close the browser, clicks on a link on the site after 5 hrs, it still
reuses the old cfid and cftoken values, even after the session expired long
back. Is there anyway we can force it to recreate these
If you are not using client scope, just setting J2EE session ON,
should do the trick. You shouldn't have to do the manual cookie
setting described. I think you understand this, but just in case the
session will time-out only after the session has been idle for the
allotted session timespan. If the
You can check Rupesh's blog on URLSessionFormat here
http://coldfused.blogspot.com/2006/09/handling-j2ee-session-with-cookies_12.html
~|
Create robust enterprise, web RIAs.
Upgrade integrate Adobe Coldfusion MX7 with Flex 2
Here's the issue: Shared code base utilized by 1400+ sites
and we're tracking stats (users to sessions, etc). To
properly track sessions among those who do not have cookies
enabled (and there are many) we would need to pass
CFID/CFToken to each page request. This requires us to change
Well not really with CF Code but why not use the Search/Replace function
within HomeSite/DW/ or Eclipse and update the pages that way?
-Original Message-
From: Cutter (CFRelated) [mailto:[EMAIL PROTECTED]
Sent: Friday, December 29, 2006 1:00 PM
To: CF-Talk
Subject: CFID and CFToken
I'm not sure why you'd want to do that, (and there may be security risks
in doing so), but the CFID and CFToken are typically stored in the
cookie scope. You could get them from there to add them to all your links.
Cheers,
Chris
Cutter (CFRelated) wrote:
Does anyone know of a way to
Checkout UrlSessionFormat()
Russ
-Original Message-
From: Cutter (CFRelated) [mailto:[EMAIL PROTECTED]
Sent: 29 December 2006 18:00
To: CF-Talk
Subject: CFID and CFToken
Does anyone know of a way to programmatically add the CFID and CFToken
variables to every link within a rendered
Can you wrap all links in some sort of method call.. Something like:
SessionUrl( index.cfm. )
And have that automatically add the CFID / CFTOKEN?
Or are you talking about a search / replace like someone else mentioned?
..
Ben Nadel
Certified Advanced ColdFusion MX7
Wait... they're in the cookie scope on my box because we're putting them
there. They live in the session scope.
Cheers,
Chris
Cutter (CFRelated) wrote:
Does anyone know of a way to programmatically add the CFID and CFToken
variables to every link within a rendered page (if needed)? Links,
Why couldn't you do it with CF Code? Well, I guess if he's creating all
his HTML by hand and just using CF for the back end... otherwise, you'd
do it when CF is creating the page.
CFOutput
a
href=somepage.cfm?CFID=#Session.CFID#CFTOKEN=#Session.CFToken#MyLink/a
/CFOutput
What's wrong with
29, 2006 1:28 PM
To: CF-Talk
Subject: Re: CFID and CFToken
Why couldn't you do it with CF Code? Well, I guess if he's creating all
his HTML by hand and just using CF for the back end... otherwise, you'd
do it when CF is creating the page.
CFOutput
a
href=somepage.cfm?CFID=#Session.CFID
.
-Original Message-
From: Christopher Jordan [mailto:[EMAIL PROTECTED]
Sent: Friday, December 29, 2006 1:28 PM
To: CF-Talk
Subject: Re: CFID and CFToken
Why couldn't you do it with CF Code? Well, I guess if he's creating all
his HTML by hand and just using CF for the back end
: Christopher Jordan [mailto:[EMAIL PROTECTED]
Sent: Friday, December 29, 2006 1:28 PM
To: CF-Talk
Subject: Re: CFID and CFToken
Why couldn't you do it with CF Code? Well, I guess if he's creating all
his HTML by hand and just using CF for the back end... otherwise, you'd
do it when CF is creating
Because no everyone has cookies enabled.
-Original Message-
From: Christopher Jordan [mailto:[EMAIL PROTECTED]
Sent: 29 December 2006 18:23
To: CF-Talk
Subject: Re: CFID and CFToken
I'm not sure why you'd want to do that, (and there may be security risks in
doing so), but the CFID
Does anyone know of a way to programmatically add the CFID and CFToken
variables to every link within a rendered page (if needed)? Links,
form actions, etc., via some regex or something.
I believe URLSessionFormat is what you are looking for.
were already in a cookie
that the URL portion would not be required. And if they are still required
then why bother with setting the cookies for them?!?
Thanks,
Kevin
Magick by Design
_
From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 19, 2004 2:22 PM
To: CF-Talk
Subj
I never use CFID/CFTOKEN, but I've had similar issues due to sending users through a cookie testing routine when they first hit the sitepassing all URL params and desired page info through the process.
In Application.cfm
-test for CFID/CFTOKEN exisitence
-IF NOT FOUND...
-grab where they
application.cfm seems the ideal place, what code did you try?
jb.
On Thu, 19 Aug 2004 14:12:51 -0400, Kevin [EMAIL PROTECTED] wrote:
Hi all,
I have been working on my new application and I have found something that I
need some help on. If a user who is logged in types in the URL to a page
in place of the URL scope?
Thanks,
Kevin
Magick by Design
_
From: John Beynon [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 19, 2004 3:10 PM
To: CF-Talk
Subject: Re: CFID and CFTOKEN question
application.cfm seems the ideal place, what code did you try?
jb.
[Todays Threads
Are 100% sure that this is not a client issue? Can you examine the HTTP requests as
returned by the browser and see if they have the cookies in place?
Perhaps the server is on the browser's list of no cookie sites?
If the browser is passing them up is their anything that could modify the
I know when you use cflocation it can automatically append CFID and CFTOKEN.
Anything else you have to include them yourself.
If I'm wrong someone please correct me :)
Shawn Regan
-Original Message-
From: Ben Doom [mailto:[EMAIL PROTECTED]
Sent: Friday, May 30, 2003 8:15 AM
To:
IIRC in your CFAPPLICATION if you say no client cookies. it will do it on
it's own in order to still use sessions... Just trying to recall so I could
be wrong
-Original Message-
From: Shawn Regan [mailto:[EMAIL PROTECTED]
Sent: Friday, May 30, 2003 8:33 AM
To: CF-Talk
Subject: RE: CFID
I use a sort-of Fusebox 2 architecture, in which every call goes through
index.cfm. So, I just do the following:
cfset request.self = index.cfm? client.urlToken
a href=#request.self#fuseaction=foobarFoo Bar/a
However, if using conventional CF, I'd probably do something like this:
cfset
Wrap all of your urls in URLSessionFormat(). That should be available
in CF5. Senses whether the user has cookies enabled and handles the
rest on its own, either appending the key pair or not as needed. Very
handy. And of course there's addtoken=yes in cflocation.
Thanks to all those who helped.
Allaire's docs do seem a little ambiguous when they say that CFID and CFTOKEN can be
passed as hidden form fields - I now see that URLTOKEN can be passed as a URL variable
to the action page that your form submits to. Interesting post on this at
What are the names of your hidden for fields? Can you post a piece of your code so we
can see what the problem is?
--
Clint Tredway
www.factorxsoftware.com
--
~~
Structure your ColdFusion code with Fusebox. Get the official book at
Peter
Usually the way I do this is to simply append the URLTOKEN to the end of the
page name in the action attribute of the FORM tag.
eg. FORM ACTION="index.cfm?#URLTOKEN#"..
Regards
Stephen
-Original Message-
From: Peter Lutwyche [mailto:[EMAIL PROTECTED]]
Sent: Friday, 26
It doesn't work if you use hidden form fields, you need to append the token
to the file portion within the form tag:
form action="somepage.cfm?cfoutput#session.urltoken#/cfoutput"
method="post"
etc.
Steve
-Original Message-
From: Peter Lutwyche [mailto:[EMAIL PROTECTED]]
Sent: 26
41 matches
Mail list logo