I've been playing around with this and I see a problem can't solve. I
can force a raw CF error to screen, regardless of whether you have
try/catch, a site-wide error handler or cferror (or all three).
I start out with this /Application.cfm
<cfapplication
name="wazzup">
<cfoutput>
<cfloop query="haha">#haha.notexists#</cfloop>
</cfoutput>
which has a query loop to a nonexistent query. I get a raw cf error.
Fine. Then I change the file to hold a cferror statement and a
try/catch
<cftry>
<cferror type="REQUEST" template="oops.html">
<cfapplication
name="wazzup">
<cfoutput>
<cfloop query="haha">#haha.notexists#</cfloop>
</cfoutput>
<cfcatch type="Any">
<cfinclude template="oops.cfm"><cfabort>
</cfcatch>
</cftry>
The catch template kicks in and takes precedence. Fine again. If I
remove try/catch, leave in the cferror statement and plug in a
sitewide error handler then the site-wide error handler is *ignored*
and the cferror statement fires. That was an ugly surprise, but
either by luck or design (I forget to be honest) I only use cferror on
my own servers for validation, but on the commercial stuff I use it as
a backup as described. Better write some more docs (it makes sense
since CF is just doing what I told it). Removing the CFERROR
statement caused the site-wide template to finally fire.
Now for the real nasty. If I deliberately malform a CF tag like this
I can force the error to come out raw again (note the unclosed
/cfoutput):
<cftry>
<cferror type="REQUEST" template="oops.html">
<cfapplication
name="wazzup">
<cfoutput>#cgi.http_user_agent#</cfoutput
<cfcatch type="Any">
<cfinclude template="oops.cfm"><cfabort>
</cfcatch>
</cftry>
Then the cfcatch routine is ignored, as is the cferror statement. The
site-wide error handler fires AND the raw cf error is displayed. My
site-wide 'handler' is below.
WHAMMO
<cfloop
list="CFCATCH,ERROR"
index="loopItem">
<cfif IsDefined("#loopItem#")>
<cfdump var="#Evaluate(loopItem)#" label="#loopItem#">
</cfif>
</cfloop>
<cfabort>
How did something like this happen and how can it be prevented?
--
--mattRobertson--
Janitor, MSB Web Systems
mysecretbase.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Discover CFTicket - The leading ColdFusion Help Desk and Trouble
Ticket application
http://www.houseoffusion.com/banners/view.cfm?bannerid=48
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:201950
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
