ColdFusion's JSON Prefix feature - more than AJAX

This post is more than 2 years old.

That's a pretty poor title, but hopefully things will make more sense when I explain it. Earlier this week I blogged about JSON prefixes and how you could handle them in jQuery and jQuery UI. While not specifically a ColdFusion topic, it was easy to test since ColdFusion has a feature where it can automatically prefix your JSON strings. This can be done at the server level, application level, and even the method level if you want. So given a CFC that returns some data, if you enable this feature and use the default prefix of //, your JSON may look like this:


No big deal. You can easily work around it. But here's what surprised me. I had always assumed this was for Ajax services only. By that I mean, given a CFC that returns data, if this feature is on and I request the CFC with returnformat=json, I'd expect that to be the only place where the prefix is added. Not true! Consider this:

<cfset d = {x=[1,2,3],y="ray"}> <cfoutput>#serializejson(d)#</cfoutput>

In this snippet, which has nothing to do with Ajax, nothing to do with remote CFC calls, the JSON string is also prefixed with //. Admittedly I can't think of many situations where I'm not using JSON for Ajax, but the point is, I did not expect this. Am I alone in this?

My recommendation is - you probably want to explicitly disable this feature in your Application.cfc file if you don't want to use it. Anyone who develops open source code or code that a client may put on a shared host will probably want to ensure the feature isn't enabled by accident.

Raymond Camden's Picture

About Raymond Camden

Raymond is a developer advocate for HERE Technologies. He focuses on JavaScript, serverless and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA