cfapplication

Defines the scope of a CFML application and allows you to set various application specific settings. Consider using Application.cfc instead of Application.cfm files.

 <cfapplication>

 component { /* Application.cfc */ this.name="myAppName"; }

Discouraged: Use Application.cfc instead of Application.cfm files. The Application component provides better organization and additional features. Note that if you are using Application.cfm it should contain a cfapplication tag.

cfapplication Attribute Reference

name string

Name of application. Up to 64 characters

loginstorage string
Default: cookie

cookie: store login information in the Cookie scope.
session: store login information in the Session scope.
Values:
  • cookie
  • session

clientmanagement boolean
Default: false

enables client variables
Values:
  • true
  • false

clientstorage string
Default: registry

How client variables are stored
* datasource_name: in ODBC or native data source.
You must create storage repository in the
Administrator.
* registry: in the system registry.
* cookie: on client computer in a cookie. Scalable.
If client disables cookies in the browser, client
variables do not work
Values:
  • cookie
  • registry
  • datasource_name

setclientcookies boolean
Default: true

No: CFML does not automatically send CFID and CFTOKEN
cookies to client browser; you must manually code CFID and
CFTOKEN on the URL for every page that uses Session or
Client variables
Values:
  • true
  • false

sessionmanagement boolean
Default: false

enables session variables
Values:
  • true
  • false

sessiontimeout Timespan

Lifespan of session variables. CreateTimeSpan function and
values in days, hours, minutes, and seconds, separated by
commas

applicationtimeout Timespan

Lifespan of application variables. CreateTimeSpan function
and values in days, hours, minutes, and seconds, separated
by commas.

setdomaincookies boolean
Default: false

Yes: Sets CFID and CFTOKEN cookies for a domain (not a host)
Required, for applications running on clusters.
Values:
  • true
  • false

scriptprotect string

Specifies whether to protect variables from cross-site scripting attacks.
- none: do not protect variables
- all: protect Form, URL, CGI, and Cookie variables
- comma-delimited list of ColdFusion scopes: protect variables in the specified scopes
Values:
  • none
  • all
  • form
  • url
  • cookie
  • cgi
  • form,url
  • form,url,cookie
  • form,url,cookie,cgi

securejsonprefix string

The security prefix to put in front of the value that a ColdFusion function returns in JSON-format
in response to a remote call if the secureJSON setting is true.
Values:
  • true
  • false

securejson boolean

A Boolean value that specifies whether to add a security prefix in front of any value that a ColdFusion function returns in JSON-format
in response to a remote call.
Values:
  • true
  • false

serverSideFormValidation boolean

Enable/Disable ColdFusion‚ server side validation on CFFORM.
Values:
  • true
  • false

Fork me on GitHub