ColdFusion: a piece of functionality should do one thing, and do it well

G'day:
One of my pet hates is having a function called doX(), and doX() does X, but it also does Y.

An example of this is CFML's isValid() function which not only checks validity - as one might expect - but also trims any string values its validating first. The function is not called isValidAfterTrim(), so it should not do the trimming. If one wants to trim a value before validating it... call trim() then isValid(). Simple. Another example is <cfdump> which picked up and abort attribute along the way. This was because some mungbean said "well usually I want to dump and abort, so why can't dump just abort too". And for some stupid reason Adobe went "oh yeah... let's do that". No. If you want to abort after you dump... do an abort after your dump. Don't change <cfdump> to be <cfdumpandabortifyoulike>. That's dumb. At least the Lucee ER to have <cfinclude> also do an abort got rejected ("Add optional abort Attribute to cfinclude"). FFS.

The reason to this is to keep units of functionality small, for starters. It makes them easier and more coherent to test. Also the more functionality one piles into a function (and for this purpose, a tag is just a function that looks funny ;-), the more potential for it being broken as it's maintained. Plus it makes code less clear and less clean.

A function should do one thing, and do it well.

Anyway, today I got wind of this ER: "encodeFor attribute for cfoutput, writeOutput". The intent is honourable, but it suffers from trying to do too much. The gist of it is:

While ColdFusion 10 added the various ESAPI encodeFor* functions, it is dependent upon the developer to properly wrap location where used with the appropriate function (e.g. <cfoutput>#EncodeForHTML(url.name)#</cfoutput> ). Adding an attribute encodeFor negates the need for wrapping individual variables and would process the entire block contained within <cfoutput>cfoutput>cfoutput> for anything within #'s with the appropriate ESAPI EncodeFor* function specified.

On the face of it this sounds reasonable. It still smacks of "doing too much", so I echoed my position as much.

I sometimes doubt I'm being too dogmatic about these things, so I asked on the #CFML Slack channel, and John Whish came up with a great counter example:

<cfoutput encodeFor="HTML">
    #url.name#
    <a href="whatever.cfm?id=#url.id#" onclick="get(#url.id#)">Go to whatever.cfm?id=#url.id#</a>
</cfoutput>

What's this gonna do? Encode all the expressions within it for HTML. Which is only correct for #url.name#. #url.id# should be encoded for URL, JavaScript and URL for each of its three respective uses. However a less than discerning dev might not "get" that, and now their output is encoded incorrectly.

So what we'd need to then do is this:

<cfoutput encodeFor="HTML">#url.name#</cfoutput>
    <a href="whatever.cfm?id=<cfoutput encodeFor="URL">#url.id#</cfoutput>" onclick="get(<cfoutput encodeFor="JavaScript">#url.id#</cfoutput>)">Go to whatever.cfm?id=<cfoutput encodeFor="URL">#url.id#</cfoutput></a>

What a mess. What we could do is this:

<cfoutput>
    #encodeForHtml(url.name)#
    <a href="whatever.cfm?id=#encodeForUrl(url.id)#" onclick="get(#encodeForJavaScript(url.id)#)">Go to whatever.cfm?id=#encodeForUrl(url.id)#</a>
</cfoutput>

Look familiar? Yeah... we already have the correct (and safe) implementation in place.

We don't need to mess with something that's supposed to just output, and make it do something different as well. It's a bad approach to designing the language.

I reckon this ER should be pulled. It's a pity the work has already been done...

Thoughts?

--
Adam

The quality of the new ColdFusion docs in one quick screencap

G'day:

This is from Creating and Using Custom CFML Tags.

Chuckle.

--
Adam

ColdFusion bugs: credit where it's due

G'day:
I never thought I'd have cause to write something like this:

Oddly, I can't find a single #ColdFusion bug I care about that I've raised that isn't fixed, about to be fixed (or not-fixed legitimately)

— Adam Cameron (@DAC_dev) September 29, 2015

But it's true. The bulk of the bug tickets I've raised have been fixed. Many more are flagged to be fixed. There's a bunch that have been "deferred" or "closed/nuh-uh/nothappening", but they're mostly inconsequential.

So I myself have nothing to add to this drive to get the ColdFusion Team to look at outstanding bugs that are important to us (earlier: "A real prospect of getting engagement from the ColdFusion Team regarding your "favourite" bugs").

I guess I've been impacted by bugs other people have raised, so I'll sift through those too.


Weird.

--
Adam

A real prospect of getting engagement from the ColdFusion Team regarding your "favourite" bugs

G'day:
Dan Fredericks, backed by Elishia Dvorak and later Denard Springle have asked me to spread the word and garner some interest in an idea they've had to improve engagement between the ColdFusion community and the Adobe ColdFusion Team. We had a round of emails yesterday, and Dan and Denard have come up with this write-up:

This past weekend while attending NCDevCon 2015, Adobe... at the bequest and in conjunction with CFML community members... came up with an idea that we hope will help foster and facilitate better communication between the Adobe CF development team and community members.

The idea, in a nutshell, is to take advantage of the momentum we are building as a community with our Slack channel and work together to generate a list of the communities most pressing and important CF bugs that need addressed. They want us to use the Slack channel [#adobe] to accomplish this.

To participate, simply join the channel and work as a community to come up with a list of the most important bugs.

There are some caveats to this request... We ask for you to put in the bug number from the Adobe bug base and give a concise use case for why it should be in this list. Other community members can then comment on the bug and/or the use case. This way we can have open community dialog on the bugs to make sure we get the best and more pressing list of bugs for Adobe.

[The] channel will be used to do this for 3 weeks[...]. All community comments [in this period] will be used to aggregate the bug numbers and business cases, and turned over to the CF team to have a larger internal discussion of those bugs.

After a timely review of the aggregated data by the Adobe CF team they will update us on the status of the bugs on the list via the [#adobe] channel [you need to have subscribed to the #cfml channel first before that will work], a blog post and/or other Slack channels.

This status will include which bugs were accepted to be addressed, and which ones were not accepted. In each case the community expects a fuller explanation of what is chosen to be addressed and what is not, and why those decisions were made. It is our hope that this may lead to a more inclusive discussion of the bugs that are elected not to be addressed if the reasons given turn out to be poor. It is also the community’s expectation that the bug base will likewise be updated with fuller explanations for the actions taken on these bugs.

We hope by using Slack, which is getting a lot of daily use, the community can come together more readily with the Adobe CF development team and put together the best list possible. If this is a successful venture, then we will try using Slack more aggressively with the Adobe CF dev team to foster a more open relationship that benefits all concerned parties.

Is the ColdFusion community about to lose the ability to update the docs?

G'day:
(Hopefully this is a nod to Ian Betteridge in my subject line there).

I read this last night, on ticket 4010693:

Update: Adobe has copied the wiki docs over to AEM (Adobe Experience Manager). The AEM docs cannot be edited by anyone outside of Adobe. The wiki will be taken offline in about a week or so (guessing October 1st).

To verify, see Adobe's comments here: https://bugbase.adobe.com/index.cfm?event=bug&id=3921578

Thanks!,
-Aaron

And the comment in question is (from the pleasingly named "Jacob Jayakar Royal"):

Yes, Nitin, already migrated. All our CF content is there in helpx already. Wiki pages can't be viewed after a week or so.

So... um... what?

The only useful thing Adobe have ever done with the ColdFusion docs is to put them on the wiki so we (ie: the community) could actually fix them up. And now it seems they're taking it back in house?

I can't see anything that confirms Aaron's comment that "The AEM docs cannot be edited by anyone outside of Adobe", but that would really suck if it was so.

It would be really good if someone from Adobe (I'm looking at you, Anit) could clarify what's going on here?

Cheers.

--
Adam

ColdFusion / Lucee: the first two things I do when I find a new CFML site

G'day:
I just had to email yet another ColdFusion-based website about security holes in their website. Which I found via a Google search result when searching for [something else]. It'll be interesting to see if they do anything about it.

If you run a ColdFusion website, do this:

http://yourdomain.com/CFIDE/administrator

Or on a Lucee website:

http://yourdomain.com/lucee/admin/web.cfm
http://yourdomain.com/lucee/admin/server.cfm

Or on Railo:

http://yourdomain.com/railo-context/admin/web.cfm
http://yourdomain.com/railo-context/admin/server.cfm

If you see anything other than a 404 page, your site is possibly insecure. You must not expose your admin UI to the public.

Then try this:

http://yourdomain.com/Application.cfm

If you get a CFML error message instead of your web server error page, you are also emitting information about your site you should not be.

Whenever I hear about a CFML website, I check those two things. depressingly often I find them not secure. And note: if you're in the habit of announcing the launch of new CFML-driven websites, make sure you've done this stuff first.

As I have said before: "Don't advertise yourself as a CFML website". Ideally you should not even be exposing URLs which have a .cfm extension, as this is giving away information you should not be giving away. That said, I would not worry too much about that, but definitely do worry about having you CF Administrator exposed.

What you really ought to do whenever you are going to launch a new CFML-driven website is engage Foundeo (disclosure: I have nothing to do with Foundeo, and I am making this recommendation solely because I respect the work they do) to do a security audit for you:  HackMyCF. They'll check all sorts of stuff for you, and make sure you're secure. And you really must do this sort of thing as a matter of course.

Don't leave yourself exposed and become one of those news stories.

--
Adam

New bug status for ColdFusion bugs: DELETED/NEVERHAPPENED

G'day:
This is just a repro of something Aaron said on the bugbase, which reveals a rather interesting act of weirdness on the part of the Adobe ColdFusion Team. And you know how I love those.


I spotted this today on the Adobe bug tracker (look quick, before it gets redacted!):

[ANeff] Bug for: Adobe is deleting thousands of tickets from their public bug tracker

Adobe is deleting thousands of tickets from their public bug tracker. 2,824 ColdFusion tickets have been deleted between June 9, 2015 and September 22, 2015.

Steps to Reproduce:
1) Try to view any of these ColdFusion tickets which were fixed in CF11 Update 3: 3041747, 3043855
2) Try to view any of these ColdFusion tickets which were fixed in CF11 Update 5: 3037144, 3039708, 3041684, 3041790, 3043111, 3043375, 3043657, 3044064, 3114274, 3226380, 3369472, 3520983, 3673298, 3842326
3) View attached 20150609_CFTicketsTotal.jpg and see total ColdFusion ticket count was 5,140 on June 9, 2015
4) View attached 20150922_CFTicketsTotal.jpg and see total ColdFusion ticket count was 2,316 on September 22, 2015
5) View attached 20150609_CFTicketsFiled.jpg and see -my- total ColdFusion ticket count was 455 on June 9, 2015
6) View attached 20150922_CFTicketsFiled.jpg and see -my- total ColdFusion ticket count was 328 on September 22, 2015

Action Items:
1) Restore the tickets deleted between June 9, 2015 and now.
2) Delete no more tickets.

My emphasis.

I can confirm a lot of the bugs I have raised have been deleted. I don't track the numbers, but I can see they're way down. Also looking at one of my older blog articles ("Most popular unhandled ColdFusion bugs"), all the ones I checked from that list - and a reminder: those are the most popular unhandled bugs: so ones we clearly care about - have been deleted.

So what's going on here then? What on earth would possess Adobe to delete this stuff? Even if a ticket has been fixed, it's all valuable historical information... not everyone will be patched-up or running the current version, and the ColdFusion Team has a nasty habit of closing tickets when they can't be arsed doing anything about it, so a lot of historical bugs will still actually be potentially impacting their clients. All this sort of action is achieving is increasing potential work for their clients as they troubleshoot issues which might actually already have been identified and discussed (if not fixed).

What's more, the content of those tickets is - on the whole - the community's work, not Adobe's. I put effort into tickets I raise so they're googleable and reproduceable and are intended to stay there so as to save people time if they run across the same issue. So please don't delete my bloody work, Adobe. Or Aaron's work. Or Ray's or anyone else's.

And, um... please explain.

Update:

And, indeed, they have explained. Apparently it was not their team that did it, it was another team. The team who looks after the Adobe bug tracker were a bit too zealous in making older versions of ColdFusion unselectable when raising new tickets, and in the process made all the tickets for those versions "invisible". Okey dokey then. I do have to wonder why no-one on the ColdFusion Team noticed this change, or checked the results of it, or... seemed to care, prior to Aaron bringing it up..?

--
Adam

The Adobe ColdFusion Team loses a good 'un

G'day:
I was a bit let down to read this yesterday:

Adieu Adobe! Long due post but here it goes - http://t.co/ZMVeMQtY2T #adobe #coldfusion

— Hemant Khandelwal (@khandelwalh) September 12, 2015

It seems like long-standing ColdFusion Team member Hemant is moving on to new things. Firstly: congratulations to Hemant on the new gig. You've been at Adobe for ages, so it must be a big thing to move on!

For my part: I've been interacting with Hemant regarding ColdFusion for a bloody long time. He was always a key participant in the ColdFusion pre-releases, and always had an indefatigable approach to dealing with his clients in a professional and collaborative manner.

Recently his participation has been less obvious, and I had wondered if he was still around; perhaps his role had changed, or perhaps victim of some policy team management have adopted to stop team members from engaging with the public (except, obviously, for Anit)

I always had the impression Hemant knew what he was on about, understood ColdFusion, and also understood to a better degree than most of his colleagues the motivations and needs of the ColdFusion community.

Hoepfully Adobe will find someone suitable to fill Hemant's shoes, and they step up to keep ColdFusion fresh, and perhaps also put additional efforts in to add a new communications channel (over and above Anit) back to the ColdFusion Team.

I look foward to Adobe's introduction of his replacement.

Best of luck, Hemant. It's been good working with you on the occasions we've interacted.

Righto.

--
Adam

ColdFusion: getting the audit trail exposed on the bug tracker

G'day:
Just quickly. Obviously I've fallen foul of the Adobe bug tracker in the last coupla days... mostly due to my dim wits, but not helped by the fact it doesn't present information as thoroughly as it could.

Aaron Neff has had the presence of mind to raise a ticket to get the audit trail exposed on the UI, which I think would help a lot with the clarify of what's going on, and also better expose the activity taking place on issues we're interested in.

The issue is "[ANeff] ER for: Display audit trail on tickets" (4054727). It's already been marked as "To Fix", but I'm sure we could get action on it more quickly if we got some more votes & observations added to it from as many people in the ColdFusion community as possible.

Can I urge you to go have a vote.

Righto.

--
Adam

ColdFusion Team: further erosion of trustI'm an arsehole

G'day:

Update 4:

I was completely wrong in what I said in this article, and I am not proud of myself as a result. I am leaving the article here as evidence of what a prick I can be. You should instead read this article: "Wrong".

Null coming to a ColdFusion near you?

G'day:
Am at the pub watching England in the process of handing Ireland their arses to them, which is... disappointing. Still: Ireland's still in the game, and there's 40min left.

Anyway, I spotted this status change to a ticket I raise  in the Adobe bugbase this morning:

Null

[Just] Sort it out[...]. Break any backwards compat you need to to do this. Just make it work. Null is a real thing, stop pretending it isn't or than an empty string is a suitable facsimile of it.

And... blimey... they've only gone and changed the status of the ticket to "To Fix" (admittedly with a sub-status of "Investigate".

About bloody time.

Now... they might investigate and decide to "Close/NeverFix/CantBeArsed" so what you - the ColdFusion community - need to do is go make yer voice heard, and vote and or comment on that ticket. Remind Adobe that lack of the formal concept of null in the language is a right pain in the arse, and wastes a lot of our time. It might have made sense to omit this back when ColdFusion was first release back in the 90s an all it was for was looping over record sets and displaying them, but our industry has moved on and the expectations on CFML devs now is to write applications not "My Web Site", so the kind of code we're writing has changed, and we need these "more complex" (scowl) constructs.

Null is pretty fundamental to... well... programming.

One thing Adobe must do is look at how Lucee has implemented this, and make sure the implementation is congruent. I can't see how it wouldn't be, but... still.

Anyway, ColdFusioners.... go let Adobe know this is important to you.

Back to watching the second half of this "friendly"(*) between England and Ireland.

--
Adam

(*) it's not friendly.

CFML: ways to help or be helped with ColdFusion and Lucee

G'day:
This article has been inspired by "reports of the death of the House of Fusion CFML forums are not greatly exaggerated". I dunno of anyone has been able to reach whoever represented the human manifestation of HoF, or just the continued radio-silence has been inferred as demise.

Russ from CFMLDeveloper has started a new Google Group to fill the void left by HoF disappearing:

For those that do not know, the well known and long running House Of Fusion and CF-Talk mailing list are now dead.... http://t.co/fYlDFKFVgr

— cfmldeveloper (@cfmldeveloper) August 25, 2015

And, indeed here they are @ https://groups.google.com/forum/#!forum/cfmldeveloper:

Dom Watson also quickly reminded people that there's the #CFML Slack channel too:

For those that did not know, there is a new home for #cfml developers on Slack 700+ members http://t.co/2cKFtAhccg https://t.co/uZtTyg16Pj

— Dominic Watson (@dom_watson) August 25, 2015

If I was being uncharitable, I'd observe that Dom's choice of words there might sound a bit dismissive of Russ's efforts, for some reason. But I'd never be uncharitable.

ColdFusion: it's hard to maintain the CF docs when the language is so buggy

G'day:
I was baking an idea for an article about PHP 7's generator return values - which admittedly had got sidetracked in a thought experiment - but just as I pulled up a pew at the pub, someone said something about ColdFusion and scopes and wrong docs and I decided I need to look at it and fix the docs if they were wrong. FFS.

Here's a simple statement in the ColdFusion docs, regarding scopes ("About scopes"):

Evaluating unscoped variables

If you use a variable name without a scope prefix, ColdFusion checks the scopes in the following order to find the variable:

1. Local (function-local, UDFs and CFCs only)
2. Arguments
3. Thread local (inside threads only)
4. Query (not a true scope; variables in query loops)
5. Thread
6. Variables
7. CGI
8. Cffile
9. URL
10. Form
11. Cookie
12. Client

So that's all easy enough, and given it's a list of only a dozen items, one would think it would be easy enough to test to make sure the docs matched ColdFusion's actual behaviour. And that ColdFusion's behaviour is actually correct.

ColdFusion: can't tell its null from its... elbow

G'day:
Blimey: Acker is being of some use! He threw me this code last night, and asked what to make of it (well, OK, Sean asked me, but still).

found something unexpected:

a = isnull(request) && isnull(server) && isnull(form) && isnull(url) && isnull(33);

a = true ... meaning all are null

What the actual f*ck?

So I knocked together some test code to make things more clear:

// acker.cfm    
areAllNull = isnull(request) && isnull(server) && isnull(form) && isnull(url) && isNull({}) && isnull(33);

writeOutput("
isnull(request): #isnull(request)#<br>
isnull(server): #isnull(server)#<br>
isnull(form): #isnull(form)#<br>
isnull(url): #isnull(url)#<br>
isnull(33): #isnull(33)#<br>
isNull({}): #isNull({})#<br>
areAllNull: #areAllNull#<br>
");

And on ColdFusion, this yields:

isnull(request): YES
isnull(server): YES
isnull(form): YES
isnull(url): YES
isnull(33): YES
isNull({}): NO
areAllNull: NO


Adobe you dicks. How can an entire scope be null? How can 33 be null??? I looked in the docs ("IsNull()") and that didn't say anything like "oh, we just make sh!t up about what's null or not. To be honest we just don't know. I mean... how can one actually tell? What is null, anyhow?", which might explain it. But no.

Lucee are not lunatics:

isnull(request): false
isnull(server): false
isnull(form): false
isnull(url): false
isnull(33): false
isNull({}): false
areAllNull: false


I despair, Adobe. I really do. Chris Blackwell could not have put this better:

@DAC_dev that's phenomenal. Adobe should extend their boolean type to 'true / false / fuck knows'

— Chris Blackwell (@d1rtym0nk3y) July 30, 2015

Raised as bug 4028246.

Update:

Just an update on this. In a moment reminiscent of the Orwellian position that 2+2=5, Adobe had this to say on the topic of the nullness of 33:

Are you having a f***ing laugh, mate?

And now these're something about Elvis to investigate too...

--
Adam

Adobe / ColdFusion: sh!thouse work ethic from CF Team members again

G'day:
Adobe have been really pretty good with patches for CF10 and 11 this year, they're released a number of patches, and I have no idea how many issues have been dealt with, but it seems like quite a few. Perhaps someone can dig the numbers up. And people like Anit and Elishia (admittedly: more Anit) do a good job at being responsive to client comms via Twitter, blogs, forums and now Slack.

However this hides a general attitude of lazy-arse-ness that infects the ColdFusion Team as an entity, and it's just not on.

The most recent episode of this is around this issue:

CFHTTP does not work with SNI enabled SSL (3598342)

Problem Description:
We are trying to connect via CFHTTP over SSL to a Windows 2012 IIS 8 server that has SSL installed and Server Name Indication (SNI) is enabled. http://en.wikipedia.org/wiki/Server_Name_Indication

Java 1.7 is supposed to work with SNI. ColdFusion's CFHTTP tag needs to be updated to handle SNI. SNI is an extension of the TLS protocol. Microsoft made this feature available in IIS 8 and as as more of these servers are setup ColdFusion will need to connect to them and will run into this issue.

ColdFusion 10 and ColdFusion 9 should be updated for the Server Name Indication (SNI) feature.

Steps to Reproduce:
Setup a Windows 2012 IIS 8 server and enable SNI for SSL. CFHTTP will not connect to it with SNI enabled.

This was raised in 2013. Note: this was back when ColdFusion 9 was still a supported ColdFusion version.

Last month (June 2015, one month shy of two years after the ticket was raised), Rupesh had this to say:

The SNI support has been added in ColdFusion 11. The change required for supporting this is quite big and therefore it can't be backported to ColdFusion 10.

Not f**in' good enough, sunshine. This issue was raised on ColdFusion 10, and it's impacting people using ColdFusion 10. You've had two years to get your sh!t together and conduct yourself like a professional team and get this issue sorted out on what's supposed to be a currently-supported version of ColdFusion. This means you need to fix broken sh!t.

You guys always seem to conveniently forget that your clients have paid for this software, and part of that - not-inconsequential - price tag is for the product to be supported for a number of years after purchase. In the case of ColdFusion 10, this is until June 2017. Another two years yet. We're already paid for you to fix this.

This attitude that the ColdFusion Team continues to let itself down with of variations of "we can't be arsed doing this" needs to stop. Treat yourselves and your paying clients with respect.

I invite my CFML-community readers to indicate any disapproval they might have with the ColdFusion Team in this regard by commenting on the ticket concerned, and on social media too. Once I put the Twitter message about this article out, I'll embed a link to it back here too.

"Adobe / #ColdFusion: sh!thouse work ethic from CF Team members again" (http://t.co/eRTG1QzKbs)

— Adam Cameron (@DAC_dev) July 28, 2015

Right. Back to watching telly.

--
Adam

ColdFusion CFML: weird shorthand operator restriction

G'day:
I dunno what to make of this one. This morning I was taking a look at an issue in the ColdFusion docs that someone on the #cfml Slack channel had raised, in that the docs said this;

Arithmetic operators

Operator	Description
+= -= *= /= %=	Compound assignment operators. The variable on the right is used as both an element in the expression and the result variable. Thus, the expression a += b is equivalent to a = a + b. An expression can have only one compound assignment operator.

The thing that I had my attention drawn to is Adobe's inability to know left from right, so I've fixed that in the wiki version of the docs. I can't fix the ColdFusion 9 docs, but equally don't care about ColdFusion 9 anyhow.

However there's another interesting statement there:

An expression can have only one compound assignment operator.

What? Why?

I duly knocked together an example and ran it on ColdFusion  11:

// multiple.cfm

a = 17;
b = 19;
c = 23;

a += (b += c);

writeDump(variables);

CFML: ColdFusion does some dodgy exception "handling"

G'day:
This was a curly one. I've been doing some testing recently, so I've been giving TestBox a bit of a thrashing. Yesterday I was a bit bemused that some of my tests were failing (that's not actually any sort of surprise given what I'm testing. Ahem), but other tests were erroring. yet they were testing much the same thing, and the condition causing the failure was the same for both the failing and erroring tests. I thought there was something weird afoot with TestBox, so I hit-up Luis about it.



I boiled the repro down to this:

// ErrorInsteadOfFail.cfc

component extends=testbox.system.basespec {

    function run(){
        describe("Replicating issue", function(){

            it("demonstrates a baseline", function(){
                expect(false).toBeTrue();
            });

            it("demonstrates the error", function(){
                var results = [1,2,3];
                results.each(function(result){
                    expect(false).toBeTrue();
                });
            });

        });
    }

}

This is really contrived, so don't pay too much attention to the code. Just focus on these two bits:

• calling expect() directly in my test;
• calling expect() within an iteration function, within an inline function expression.

The expectation on each is the same: that false is true. Which it isn't (I'm not going too fast, right? ;-), so the test should fail.

However I get this:

Notice how the second test isn't failing, it's actually erroring.

I raised a ticket for this: TESTBOX-127.

Luis came back to me a coupla hours later with the interesting observation that it seems when an exception is thrown within a closure, then ColdFusion doesn't just let it error, it wraps it up in a different exception, and throws that.

That's a bullshit thing for ColdFusion to be doing. Lucee, btw, does not do this: it behaves properly.

I expanded my tests out to cover a couple more things:

CFML: Are collection iteration methods really significantly slower than looping statements?

G'day:
I've heard people say a coupla times that one should think twice before using CFML's new collection iteration methods (eg: .each(), .map() etc) should be treated with caution, because they are substantially slower than using looping statements (eg: a for() loop). Now I don't doubt that these iteration methods are doing more work that a loop statement, but I really was skeptical as to whether the difference really matters. I believe on should err towards writing the clearest code first, and worry about performance when it becomes something to worry about. And I not really think that the difference in performance here would be worth worry about, generally. And if there was a significant performance difference: it's more an indication that the language engineers have work to do, rather than simply dismissing a good coding tactic out of hand.

20

G'day:
According to Adobe, ColdFusion is 20 today. I tried to track down the exact release date a while back but couldn't find an online press-release or the like, but Anit assures me it was 2 July 1995.

ColdFusion 2016 is coming...

G'day:
Just repeating news I heard from elsewhere. The ColdFusion 2016 pre-release is going to be opened up shortly. This is interesting stuff! There's a blog article soliciting participation: "Pre-release for the next version of ColdFusion". Currently whilst they mention a link, it's not actually there. I have pointed this out, so am sure it'll be fixed shortly.

Update:

Here's a direct link, as posted on Twitter by Rakshith: https://www.surveymonkey.com/r/LPS7YYP

We will soon have the pre-release for next version of #ColdFusion. Take this survey to be a part of it https://t.co/JUSFEzt3SB

— Rakshith Naresh (@rakshithn) June 17, 2015

Do sign-up. Adobe can use all the community voices they can muster to help them with the direction of CFML.

I'll be putting my name down, but I didn't last long in the pre-release last time due to disillusionment with their focus, which was all about <cfclient> in the earlier stages. This was a mistake on my part as they did then go on to do some interesting stuff later on.

I do hope Adobe don't have another <cfclient>-esque "feature" up their sleeves this time. Time will tell.

I also hope they are more open and less "NDA hush hush" about it this time. The industry has moved on from that sort of approach. They'd be much better served by getting the thing out in the open and getting as many bums on seats looking at it as possible.

Anyway... get over there and put yer name down.

Righto.

--
Adam