what’s next in coldfusion raymond camden. this guy developer evangelist for adobe blog: email:...
TRANSCRIPT
What’s Next in ColdFusionRaymond Camden
This Guy
Developer Evangelist for Adobe
Blog: www.coldfusionjedi.com
Email: [email protected]
Twitter: cfjedimaster
So what’s next in Zeus?ZEUS!
ColdFusion Zeus
Is a code name
For the "next" version
Not necessarily ColdFusion 10
NOT TALKING ABOUT:Release Dates
Prices
Editions
Politics or Religion
Zeus Features (Some of…)
Admin Improvements
Security out the Ying Yang
Language Improvements
Solr Improvements
Java Integration
REST
HTML5/Mobile
Web Sockets
Charting
More Zeus features…
No more Verity (yes, that's a feature)
No more JRun (ditto!)
Microsoft Exchange 2010 support
Web Service: Axis 2 + Document Literal
Scheduled Tasks are Epic
ALL FEATURESNOT FINAL!
Admin Improvements
Hot Fix Installer
Template Cache – By Folder
Clear Query Cache
File Browser
IP Addresses for Admin
Demos
Security Enhancements
XSS/CSRF Protection
Session Improvements
Hash/HMAC
File Type Mime Checks
And more…Mail CRLF protection, cflogin strengthened,
other services improved
XSS Protection
Cross-site Scripting
New functions:encodeForHTML
encodeForHTMLAttribute
encodeForJavaScript
encodeForCSS
encodeForURL
Demos
/demos/security/xss
CSRF Protection
Cross-Site Request Forgery
New functions:CSRFGenerateToken
CSRFVerifyToken
Demos
/demos/security/csrf
Session Improvements
httpOnly on by default
Secure (default is false)
Domain
Timeout (days, -1 for killing session when browser closes)
sessionInvalidate and sessionRotate
Example
this.sessioncookie.httponly="true";
this.sessioncookie.secure="true";
this.sessioncookie.domain="value";
this.sessioncookie.timeout="value";
Hash/HMAC
Hash can now be told to iterate N times: hash(input, "sha", 4)
HMAC – Hash-based Message Authentication Code
Demo
/demos/security/hash.cfm
Mime Type Checking
cffile upload
getFileMimeType
Demos
/demos/security/fileupload.cfm and filemimetype.cfm
Language Improvements
In no particular order…
Cookie via Script
For-in for Queries
Append to file with content
Call Stack
Application Metadata
Disk Space
App-specific VFS
CFC implicit constructors, method chaining, implicit notation
XPath2
Oh, and….
CLOSURES!
Demos
/demos/lang
/demos/cfcs
Solr
Dynamic custom fields (as many as you want, even up to 11!)
ORM based search
Data Import Handler (no more cfquery)
Other misc things… (more languages for example)
Demos
Custom Fields demo
ORM Search demo
Java Integration
Ability to load Java libraries JavaLoader RIP
Java access to CFC files:CFCProxy myCFC = new CFCProxy(cfcPath,
true);
Demo
/demos/java
REST
RESTful web services are built to work best on the Web. Representational State Transfer (REST) is an architectural style that specifies constraints, such as the uniform interface, that if applied to a web service induce desirable properties, such as performance, scalability, and modifiability, that enable services to work best on the Web. In the REST architectural style, data and functionality are considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web. The resources are acted upon by using a set of simple, well-defined operations. The REST architectural style constrains an architecture to a client/server architecture and is designed to use a stateless communication protocol, typically HTTP. In the REST architecture style, clients and servers exchange representations of resources by using a standardized interface and protocol.
From: http://download.oracle.com/javaee/6/tutorial/doc/gijqy.html
REST
Who cares what it is – we make it easy! (Btw – I'm kidding. Mostly.)
Extensions to component, function, argument, application.cfc, and the Admin
Demos
/demos/rest
HTML5/Mobile
CFMAP
CFMEDIAPLAYER
cfinput won't barf on new items (like type=range)
Detection of browser capabilities
Device info (VERY IN FLUX)
this.deviceInfo=true; or getDeviceInfo()
device_nameajax_support_javascriptcookie_supportdevice_os device_os_version full_flash_supporthttps_supportis_tabletis_wireless_devicemobile_browsermobile_browser_versionmodel_extra_infomodel_namephysical_screen_heightphysical_screen_widthpointing_methodstreaming_preferred_protocol
Demos
/demos/cfmap
/demos/testinput.cfm
Web Sockets
Bidirectional communicationOne client to all the rest
Server to all clients
Front end support via <cfwebsocket>
Back end support for defining listeners
Demo
Charting
All new charting engine
Styles are JSON objects
Deeper configuration via JSON
Lots of new features
Demo
And more to come…