Ouch - this cookie bug has teeth

Thanks to my buddy Nick Hill for finding this and Jason Dean for making an even simpler demo. Looks like there is a pretty serious bug with the Cookie scope in CF9. If you attempt to use structClear to remove cookies, ala:

<cfset cookie.test = 3 /> <cfset cookie.hammer = 5 /> <cfset structClear(cookie) />

You will get an array index out of bounds error. If you switch to using structDelete and the individual cookies you end up with the cookies still there but with no value, which may be fine. You get the same with cfcookie/expires=now.

You want to watch out for this if you use structClear(cookie) as your logout function (as Nick did). If you want to vote for this bug (although seriously- does this need to be 'voted'??) then you can go here: http://cfbugs.adobe.com/cfbugreport/flexbugui/cfbugtracker/main.html#bugId=82723

Raymond Camden's Picture

About Raymond Camden

Raymond is a developer advocate. He focuses on JavaScript, serverless and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA https://www.raymondcamden.com

Comments