Ensuring Sequential Uppy Uploads Using the Bundled XHR Option

We will discuss how to force Uppy to upload images sequentially using Uppy's Bundled setting with XHR uploads

From: Gregory's Blog

Fixinator fixes unscoped variables

Last week's Adobe ColdFusion security update disabled searchImplicitScopes by default.

From: Pete Freitag's Homepage

If You're Running an Intranet Connections Lucee Instance, Ensure That You've Change the Default Lucee Admin Password

Last week, researchers at Sprocket Security wrote about post-exploitation in Lucee via malicious extensions.

From: Hoya Haxa - A Security Research Blog

Daily Group Code Reviews - Increasing Efficiency

While many junior Devs struggle with code reviews, both when performing and receiving them, I've found that even the more senior team members sometimes struggle with comments left on their code.

From: Michael Walter Van Der Velden

ColdFusion searchImplicitScopes and APSB24-14

Adobe has published a ColdFusion Security Hotfix APSB24-14 today which describes "a critical vulnerability that could lead to arbitrary file system read".

From: Pete Freitag's Homepage

Updates released for ColdFusion 2023/2021, Mar 12 2024, possible breaking change, solutions

This is a very important heads-up for my readers: there was an important security update released today by Adobe for ColdFusion 2023 (update 7) and 2021 (update 13).

From: Charlie Arehart - Server Troubleshooting

Domain Expiration - A Reminder

Yesterday around mid-day, mikevdv.

From: Michael Walter Van Der Velden

Apple going to intentionally kneecap the web: PWAs

Remember the days that Apple used to pitch itself as David in the David and Goliath stories? Well, over the years, the tables have turned as safari has become like the IE of Old. Apple, in a short number of days, are going to intentionally kill off PWA support.

From: Michael Walter Van Der Velden

What Does ColdFusion's verifyClient() Do?

I recently saw a ColdFusion question about verifyClient and remote CFC functions.

From: Hoya Haxa - A Security Research Blog

Come Learn About Web Components!

Did you miss the Adobe ColdFusion Summit in Las Vegas last year? Still bummed about missing all the rad content? You're in luck!  Adobe is currently running the ColdFusion Online Summit 2024 -- it's the same (I think) sessions that were done in Las Vegas, but on line so you can watch from the c...

From: South of Shasta: Software Development, Web Design, Training

Implementing Client Side File Uploading with Uppy

In this article, I will show you how to integrate Uppy, a popular open-sourced JavaScript uploader, with ColdFusion to allow your users to upload files.

From: Gregory's Blog

Recent critical Lucee security vulns: make sure you're protected, finding out more about them

There has been important news released (this week and last week) about a critical Lucee security vuln (an RCS or remote code execution vuln). You'll want to make sure your Lucee instances are protected either by updates or configuration (or both). There are actually 3 matters to beware. [More]

From: Charlie Arehart - Server Troubleshooting

Thinking Defensively About Three Recent Lucee Vulnerabilities

Last week, Harsh Jaiswal and Rahul Maini from ProjectDiscovery released some impressive security research on multiple vulnerabilities in Lucee (and Mura CMS and Masa CMS).

From: Hoya Haxa - A Security Research Blog

Uploading Files With ColdFusion

In this article, we will cover how to upload data to the server using ColdFusion. We will also discuss security concerns and common best practices when uploading data using ColdFusion.

From: Gregory's Blog

How to Install and Register Adobe Fireworks Using Adobe Cloud

A few years ago, Adobe deprecated Adobe FireWorks and made it difficult to find and install. If you need a moderately robust graphics program for the web, this article will show you how to get around some of the common issues of installing Adobe Fireworks.

From: Gregory's Blog

MVC With and Without a Framework

So you've looked at CF Components, and kind of understand the basics of how they work.

From: South of Shasta: Software Development, Web Design, Training

Tags vs Cfscript in ColdFusion and Lucee

ColdFusion supports both a tag-based language, similar to PHP, and cfscript, which is a C-style language similar to Javascript. In this article, we will discuss some of the potential use cases of both styles.

From: Gregory's Blog

My Books are Updated for Angular 17

Angular 17 is out; and the Learn With Series is updated.

From: Jeffry Houser's Blog