What’s Next in ColdFusionRaymond Camden

This Guy

Developer Evangelist for Adobe

Blog: www.coldfusionjedi.com

Email: cfjedimaster@adobe.com

Twitter: cfjedimaster

So what’s next in Zeus?ZEUS!

ColdFusion Zeus

Is a code name

For the "next" version

Not necessarily ColdFusion 10

NOT TALKING ABOUT:Release Dates

Prices

Editions

Politics or Religion

Zeus Features (Some of…)

Admin Improvements

Security out the Ying Yang

Language Improvements

Solr Improvements

Java Integration

REST

HTML5/Mobile

Web Sockets

Charting

More Zeus features…

No more Verity (yes, that's a feature)

No more JRun (ditto!)

Microsoft Exchange 2010 support

Web Service: Axis 2 + Document Literal

Scheduled Tasks are Epic

ALL FEATURESNOT FINAL!

Admin Improvements

Hot Fix Installer

Template Cache – By Folder

Clear Query Cache

File Browser

IP Addresses for Admin

Demos

Security Enhancements

XSS/CSRF Protection

Session Improvements

Hash/HMAC

File Type Mime Checks

And more…Mail CRLF protection, cflogin strengthened,

other services improved

XSS Protection

Cross-site Scripting

New functions:encodeForHTML

encodeForHTMLAttribute

encodeForJavaScript

encodeForCSS

encodeForURL

Demos

/demos/security/xss

CSRF Protection

Cross-Site Request Forgery

New functions:CSRFGenerateToken

CSRFVerifyToken

Demos

/demos/security/csrf

Session Improvements

httpOnly on by default

Secure (default is false)

Domain

Timeout (days, -1 for killing session when browser closes)

sessionInvalidate and sessionRotate

Example

this.sessioncookie.httponly="true";

this.sessioncookie.secure="true";

this.sessioncookie.domain="value";

this.sessioncookie.timeout="value";

Hash/HMAC

Hash can now be told to iterate N times: hash(input, "sha", 4)

HMAC – Hash-based Message Authentication Code

Demo

/demos/security/hash.cfm

Mime Type Checking

cffile upload

getFileMimeType

Demos

/demos/security/fileupload.cfm and filemimetype.cfm

Language Improvements

In no particular order…

Cookie via Script

For-in for Queries

Append to file with content

Call Stack

Application Metadata

Disk Space

App-specific VFS

CFC implicit constructors, method chaining, implicit notation

XPath2

Oh, and….

CLOSURES!

Demos

/demos/lang

/demos/cfcs

Solr

Dynamic custom fields (as many as you want, even up to 11!)

ORM based search

Data Import Handler (no more cfquery)

Other misc things… (more languages for example)

Demos

Custom Fields demo

ORM Search demo

Java Integration

Ability to load Java libraries JavaLoader RIP

Java access to CFC files:CFCProxy myCFC = new CFCProxy(cfcPath,

true);

Demo

/demos/java

REST

RESTful web services are built to work best on the Web. Representational State Transfer (REST) is an architectural style that specifies constraints, such as the uniform interface, that if applied to a web service induce desirable properties, such as performance, scalability, and modifiability, that enable services to work best on the Web. In the REST architectural style, data and functionality are considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web. The resources are acted upon by using a set of simple, well-defined operations. The REST architectural style constrains an architecture to a client/server architecture and is designed to use a stateless communication protocol, typically HTTP. In the REST architecture style, clients and servers exchange representations of resources by using a standardized interface and protocol.

From: http://download.oracle.com/javaee/6/tutorial/doc/gijqy.html

REST

Who cares what it is – we make it easy! (Btw – I'm kidding. Mostly.)

Extensions to component, function, argument, application.cfc, and the Admin

Demos

/demos/rest

HTML5/Mobile

CFMAP

CFMEDIAPLAYER

cfinput won't barf on new items (like type=range)

Detection of browser capabilities

Device info (VERY IN FLUX)

this.deviceInfo=true; or getDeviceInfo()

device_nameajax_support_javascriptcookie_supportdevice_os device_os_version full_flash_supporthttps_supportis_tabletis_wireless_devicemobile_browsermobile_browser_versionmodel_extra_infomodel_namephysical_screen_heightphysical_screen_widthpointing_methodstreaming_preferred_protocol

Demos

/demos/cfmap

/demos/testinput.cfm

Web Sockets

Bidirectional communicationOne client to all the rest

Server to all clients

Front end support via <cfwebsocket>

Back end support for defining listeners

Demo

Charting

All new charting engine

Styles are JSON objects

Deeper configuration via JSON

Lots of new features

Demo

And more to come…