Application.cfc

Defines application level variables and event handlers (functions invoked at various application lifecycle events).

component { this.name="myApp"; }

Application.cfc

this.name

Name of application. Up to 64 characters

this.loginStorage
Default: cookie

cookie: store login information in the Cookie scope.
session: store login information in the Session scope. Values:
  • cookie
  • session

this.clientManagement
Default: NO

enables client variables

this.clientStorage
Default: registry

How client variables are stored
* datasource_name: in ODBC or native data source.
You must create storage repository in the
Administrator.
* registry: in the system registry.
* cookie: on client computer in a cookie. Scalable.
If client disables cookies in the browser, client
variables do not work Values:
  • cookie
  • registry
  • datasource_name

this.setClientCookies
Default: YES

No: CFML does not automatically send CFID and CFTOKEN
cookies to client browser; you must manually code CFID and
CFTOKEN on the URL for every page that uses Session or
Client variables

this.sessionManagement
Default: NO

enables session variables

this.sessionTimeout

Lifespan of session variables. CreateTimeSpan function and
values in days, hours, minutes, and seconds, separated by
commas

this.applicationTimeout

Lifespan of application variables. CreateTimeSpan function
and values in days, hours, minutes, and seconds, separated
by commas.

this.setDomainCookies
Default: NO

Yes: Sets CFID and CFTOKEN cookies for a domain (not a host)
Required, for applications running on clusters.

this.scriptProtect

Specifies whether to attempt to protect variables from cross-site scripting attacks.
- none: do not protect variables
- all: protect Form, URL, CGI, and Cookie variables
- comma-delimited list of ColdFusion scopes: protect variables in the specified scopes Values:
  • none
  • all
  • form
  • url
  • cookie
  • cgi
  • form,url
  • form,url,cookie
  • form,url,cookie,cgi

this.secureJSONPrefix

CF 8+ The security prefix to put in front of the value that a ColdFusion function returns in JSON-format
in response to a remote call if the secureJSON setting is true.

this.secureJSON

CF 8+ A Boolean value that specifies whether to add a security prefix in front of any value that a ColdFusion function returns in JSON-format
in response to a remote call.

this.customTagPaths

CF 8+ A file path to a directory containing custom tags.

this.mappings

CF 8+ A structure of application mappings where they key is the mapping and the value is the directory path.

this.welcomeFileList

CF 8+ A comma seperated list of file names that will skip onMissingTemplate invocation - typically only necessary if you are using a builtin web server like Tomcat or JRun.

this.serverSideFormValidation

CF 9+ Enable/Disable ColdFusion‚ server side validation on CFFORM.

this.googleMapKey

CF 9+ the google maps api when cfmap is used.

this.datasource

CF 9+ Defines the default datasource for the application. As of CF 9.0.1+ it can also accept a struct with keys: name, username, password.

this.s3

CF 9+ A struct with keys accessKeyId, awsSecretKey and defaultLocation.

this.ormEnabled
Default: false

CF 9+ Set to true if you want to use ORM.

this.ormSettings

CF 9+ A struct with various Hibernate / ORM configuration options. For details see: https://helpx.adobe.com/coldfusion/developing-applications/coldfusion-orm/configure-orm/orm-settings.html

this.smtpServerSettings

CF 9+ A struct with possible keys: server, username and password.

this.timeout

CF 9+ The default request timeout in seconds for requests within the application. Can be overridden by the cfsetting tag.

this.debuggingIPAddresses

CF 9+ A list of IP addresses which show debugging output when debugging is enabled in the Administrator.

this.enableRobustException

CF 9+ Overrides the value of the ColdFusion Administrator checkbox "Enable Robust Exception Information" for the application.

this.sessioncookie.httpOnly
Default: true

CF 10+ Specifies if the session cookies (CFID/CFTOKEN) should have the HTTPOnly cookie flag set. This prevents the cookie value from being read from JavaScript.

this.sessioncookie.secure
Default: false

CF 10+ Specifies if the session cookies (CFID/CFTOKEN) should have the secure cookie flag set. When true the cookies are only sent over a secure transport (eg HTTPS).

this.sessioncookie.domain
Default: false

CF 10+ Specifies the cookie domain the session cookies (CFID/CFTOKEN).

this.sessioncookie.timeout
Default: 30 years

CF 10+ Specifies the expires value of the session cookies (CFID/CFTOKEN), in days. Set to -1 for browser session cookies.

this.sessioncookie.disableUpdate
Default: false

CF 10+ Prevents the session cookies (CFID/CFTOKEN), from being updated by cfcookie or cfheader tags.

this.javaSettings.loadPaths

CF 10+ An array of paths containing jar files or java classes.

this.javaSettings.loadColdFusionClassPath
Default: false

CF 10+ Loads the classes using ColdFusions classloader.

this.javaSettings.reloadOnChange
Default: false

CF 10+ Watches the files specified in loadPaths and reloads classes on change.

this.wschannels
Default: false

CF 10+ An array of structs used to define WebSocket communication channels. Example available below.

this.compileExtForInclude
Default: cfm,cfml

CF 11+ When cfinclude is invoked only file extensions in this list are compiled and executed as CFML, otherwise they are statically included as a string for improved performance and security. You can use * as a wildcard for all.

this.security.antiSamyPolicy

CF 11+ Path to an AntiSamy XML policy file for use with isSafeHTML and getSafeHTML functions.

this.strictNumberValidation
Default: true

CF 11+ Makes isValid, cfargument, cfparam, and cfform more strict with reguard to how the treat integer or numeric validation when the string contains a currency.

this.inMemoryFileSystem.enabled

CF 11+ Enables or disables in memory file system.

this.inMemoryFileSystem.size

CF 11+ Memory limit in MB for the in memory file system.

this.datasources

CF 11+ Create multiple an application specific datasources. This value is a structure whos keys are the name of the datasource to be created, and the values are another structure with keys such as: database, driver, host, username, password, url. Lucee / Railo also support this setting, but are configured with keys class, connectionString, username, password

this.serialization.preserveCaseForStructKey
Default: true

CF 11+ Preserves the case of your variable names when generating json using the serializeJSON function.

this.customSerializer

this.locale
Default: en_US

Lucee 4+ The default locale used for formatting dates, numbers.

this.timezone

Lucee 4+ The default timezone used for date handling. Values:
  • America/Chicago
  • America/New_York
  • UTC

this.sessionType

Lucee 4+ Use cfml or jee based sessions. Values:
  • cfml
  • jee

this.sessionStorage
Default: memory

Lucee 4+ The name of the storage provider for session variables.

this.localeMode
Default: classic

Lucee 4+ Defines how the local scope of a function is invoked when a variable with no scope definition is used. When classic the local scope is only invoked when the key already exists in it, with modern the local scope is always assumed on unscoped variables. Values:
  • classic
  • modern

this.scopeCascading
Default: standard

Lucee 4+ Depending on this setting Lucee scans certain scopes to find a variable when the variable is called without a scope (For Example: #myVar# instead of #variables.myVar#). When strict, only scans the variables scope, small only scans variables, url, and form scopes. When standard (the ColdFusion standard way) scans all scopes: variables,cgi,url,form,cookie Values:
  • standard
  • strict
  • small

this.typeChecking

Lucee 4+ If set to false Lucee ignores type defintions with function arguments and return values

this.compression
Default: false

Lucee 4+ Enables Gzip compression on the HTTP response when true

this.passArrayByReference
Default: false

CF 2016+ true: Arrays will be passed by reference instead of by value for this application.

this.searchImplicitScopes
Default: true

CF 2016+ Defines the way non-scoped variables are found.
false: Only the variables, local and arguments scopes are searched.
true: Default and < CF2016 behaviour. All scopes are searched in the following order: local, arguments, thread local, query, thread, variables, cgi, cffile, url, form, cookie, client.

Links more information about Application.cfc

Examples sample code using the Application.cfc function


Simple Application.cfc Example

A very basic script example

component {
    this.name = "AppName";
    this.datasource = "AppDataSource";
    this.sessionManagement = true;

    function onApplicationStart() {
        application.config="xyz";
    }

 }

Adding relative mappings in Application.cfc

This example uses getCurrentTemplatePath and getDirectoryFromPath to dynamically get the directory that the current Application.cfc resieds in and then defines some mappings relative to that. You want to avoid using expandPath in Application.cfc because the path will be relative to the current template path not the Application.cfc path.

component {
    this.name = "AppName";
    this.appBasePath = getDirectoryFromPath(getCurrentTemplatePath());
    this.mappings["/components"] = this.appBasePath & "components";
    this.mappings["/frameworks"] = this.appBasePath & "frameworks";

}

Defining WebSocket Channels

The minimum required to create a WebSocket channel is the name attribute. A channel can also specify a custom channel listener CFC, if not specified the ChannelListener.cfc, available in wwwroot/CFIDE/websocket directory is called (Using Channel Listeners).

Note: Though you can use any number of sub-channels, you do not specify them as they are dynamically created (dot notation). To subscribe to channels you create a WebSocket object using the cfwebsocket tag in your CFM template.

component {
    this.name = "AppName";
    this.wschannels = [{name=channelName, cfclistener=channel_listener_CFC}];
}

Relative mappings - Advanced Example

This example shows how to map to directories that are a level up from the Application.cfc (web root) as well as how to handle an application that will need to be deployed on multiple operating systems (Mac, Unix, Windows) due to differing developer environments. It uses Find to determine if we need to use forward or back slashes in our paths and ListDeleteAt to drop the current directory from the path. We can then build the path for our mappings and custom tags using this information.

component {
    this.name = "AppName";
    this.currentPath = getDirectoryFromPath( getCurrentTemplatePath() );
    this.delim = find("/", this.currentPath) ? "/" : "\";
    this.basePath = listDeleteAt(this.currentPath, listLen(this.currentPath, this.delim), this.delim);
    this.mappings["/components"] = this.basePath & this.delim & "components";
    this.mappings["/frameworks"] = this.basePath & this.delim & "frameworks";
    this.customtagpaths = this.basePath & this.delim & "customtags";

}

Full Application/Request Lifecycle Methods

This shows all of the built-in Application.cfc methods.

component { 
    /* 
        Application variables 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/Application+variables 
    */ 
    this.name = "YourAppName" & hash(getCurrentTemplatePath()); 
    this.applicationTimeout = createTimeSpan(1,0,0,0); 
    this.sessionTimeout = createTimeSpan(1,0,0,0); 
    this.sessionManagement = true; 
    this.setClientCookies = false; 
 
    /* 
        onApplicationStart 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onApplicationStart 
        First function run when ColdFusion receives the first request for a page in the application. 
    */ 
    public boolean function onApplicationStart() { 
        return true; 
    } 
 
    /* 
        onApplicationEnd 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onApplicationEnd 
        Last function run when Application times out or server is shut down. 
    */ 
    public void function onApplicationEnd(struct applicationScope={}) { 
        return; 
    } 
 
    /* 
        onSessionStart 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onSessionStart 
        Run when first setting up a session. 
    */ 
    public void function onSessionStart() { 
        return; 
    } 
 
    /* 
        onSessionEnd 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onSessionEnd 
        Run when a session ends. 
    */ 
    public void function onSessionEnd(required struct sessionScope, struct applicationScope={}) { 
        return; 
    } 
 
    /* 
        onRequestStart 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onRequestStart 
        First page-processing function run when a page request starts. 
        Return False to prevent ColdFusion from processing the request. 
    */ 
    public boolean function onRequestStart(required string targetPage) { 
        return true; 
    } 
 
    /* 
        onRequest 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onRequest 
        Runs when a request starts, after the onRequestStart event handler. 
        This method is optional. If you implement this method, it must explicitly call the requested page to process it. 
    */ 
    public void function onRequest(required string targetPage) { 
        include arguments.targetPage; 
        return; 
    } 
 
    /* 
        onCFCRequest 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onCFCRequest 
        Intercepts any HTTP or AMF calls to an application based on CFC request. 
        Whereas onRequest handles only requests made to ColdFusion templates, this function controls Ajax, Web Service, and Flash Remoting requests. 
    */ 
    public void function onCFCRequest(string cfcname, string method, struct args) { 
        return; 
    } 
 
    /* 
        onRequestEnd 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onRequestEnd 
        Runs at the end of a request, after all other CFML code. 
    */ 
    public void function onRequestEnd() { 
        return; 
    } 
 
    /* 
        onAbort 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onAbort 
        Runs when you execute the CFML tag cfabort or cfscript "abort". 
        If showError attribute is specified in cfabort, onError method is executed instead of onAbort. 
        When using cfabort, cflocation, or cfcontent tags, the onAbort method is invoked instead on onRequestEnd. 
    */ 
    public void function onAbort(required string targetPage) { 
        return; 
    } 
 
    /* 
        onError 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onError 
        Runs when an uncaught exception occurs in the application. 
        This method overrides any error handlers that you set in the ColdFusion Administrator or in cferror tags. It does not override try/catch blocks. 
    */ 
    public void function onError(required any exception, required string eventName) { 
        return; 
    } 
 
    /* 
        onMissingTemplate 
        https://wikidocs.adobe.com/wiki/display/coldfusionen/onMissingTemplate 
        Runs when a request specifies a non-existent CFML page. 
        True, or no return value, specifies that the event has been processed. If the function returns false, ColdFusion invokes the standard error handler. 
    */ 
    public boolean function onMissingTemplate(required string targetPage) { 
        return true; 
    } 
}

Fork me on GitHub