Smart Quotes Strike Again

coldfusion (This post is more than 2 years old.)

Earlier today I helped a buddy of mine who was trying to get CORS working with ColdFusion. He followed my simple tip (Enable CORS for ColdFusion Services) but it didn't work. I did some digging and this is what I found.

The first thing I did was to open up his service directly in my browser. I knew I could use Chrome's DevTools to look at the header responses from his service. This is what I saw.

See the funky crap around the Access-Control-Allow-Origin line? That was my clue. I asked him for the code and this is what I saw:

See it? The quotes around the header name and value are those funky smart quotes (they probably have a more formal name) and not "regular" quotes (compare to the name of the function above). So... yeah. They suck.

Hire Me!

I'm currently looking for my next role in developer evangelism and advocacy. I have a long history of helping companies work with developers and love to write, create demos, and present at conferences. You can find my resume to learn more and drop me an email (raymondcamden@gmail.com) to reach out.

Support this Content!

If you like this content, please consider supporting me. You can become a Patron, visit my Amazon wishlist, or buy me a coffee! Any support helps!

Want to get a copy of every new post? Use the form below to sign up for my newsletter.

Archived Comments

Comment 1 by Salvatore fusto posted on 1/31/2014 at 1:12 PM

Ray, i've found the same problem with <cfheader>, so i tried:
getPageContext().getResponse().setHeader( "Access-Control-Allow-Origin", "*" ) that is a good basic solution imho.
for all undocumented getpageContext() refer to:
http://www.bennadel.com/blo...
regards

Comment 2 by Raymond Camden posted on 1/31/2014 at 4:39 PM

Err, I'm confused. The issue with cfheader was the bad quotes. The fix was to use proper quotes.

Comment 3 by Salvatore fusto posted on 1/31/2014 at 8:06 PM

Ray, time ago i tested an angular app working on my laptop, with an ip, fetching data from my server with another ip, using ajax, and of course i had CORS issues. i tried your solution, writing th code by hand with single and double quotes in attribute values, with no luck.
then i tested a jsonp call and getpageContext() as mentioned and all worked fine, jsonp and getPageContext().
regards

Comment 4 by Raymond Camden posted on 1/31/2014 at 8:27 PM

Hmm. If you can ever go back and revert to cfheader, let me know. I'd like to see it.