Ask a Jedi: Excluding Pages from Application.cfm/cfc

This post is more than 2 years old.

A reader asks:

Ray, what's a good way to exclude pages from having Application.cfm/.cfc applied to them? Say, for a form that asks the user for an e-mail address if they forgot their password, or a form to register for a site?

So you can't tell ColdFusion to ignore an Application.cfm/cfc file. You could put your file in a subfolder and then use an empty Application.cfc/cfm. However, I'm guessing you probably don't want to do that. For example - the forgot password functionality will probably require things from your Application.cfc/cfm file. I'm also guessing that you applying security to your site that works something like this pseudo-code:

onRequestStart { if(not logged in) { try to log them on if possible show login form and abort } }

This code basically says, if you aren't logged in, force login.cfm to load and stop everything else. This works fine - but if you want a register or "Forgot Password" type page, how do you handle it?

One way around it is to do it all in one file. That's what I do for Galleon. Galleon doesn't force you to login to browse, but you will notice on the login page that we support both logging in, registering, and retrieving a lost password. This works for Galleon since the registration is somewhat simple.

Another possibility is to modify your security a bit. Instead of - "Always go to login.cfm if not logged in", your logic could be "Always go to login.cfm if not logged in unless you are at register.cfm". This is a bit of a hack I suppose, but is safe since you are still blocking access to everything except one page.

To make that a bit more general - let's say you didn't want onRequestStart to do anything for a set of files. You could simply put them in a sub folder - add an Application.cfc that extends the parent, and write a blank onRequestStart.

As always - I open it up for alternatives. (Although I wish smart people would stop adding comments that are ten times better than mine. What's wrong with you people?? :)

Raymond Camden's Picture

About Raymond Camden

Raymond is a developer advocate for HERE Technologies. He focuses on JavaScript, serverless and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA