Normally when I want to force traffic to use SSL on a ColdFusion application, I will set up the redirect in the web server (Apache/IIS) configuration. However, there are occasions where I have not had access to modify the web server's configuration. In these cases, I will place this snippet at the beginning of the onRequest() function of Application.cfc:

if ( cgi.SERVER_NAME == "coldfusionguy.com" && cgi.https == "off" ) {
   location( "https://#cgi.server_name##cgi.script_name##cgi.PATH_INFO##(len(cgi.QUERY_STRING) ? ('?' & cgi.query_string) : '')#", false );
}

On apps still using Application.cfm and/or tag-based syntax, I will use this:

<cfif cgi.SERVER_NAME eq "coldfusionguy.com" and cgi.https eq "off">
   <cflocation
      url="https://#cgi.server_name##cgi.script_name##cgi.PATH_INFO##(len(cgi.QUERY_STRING) ? ('?' & cgi.query_string) : '')#"
      addtoken="false"
      />

</cfif>

Note that the check on cgi.server_name is not strictly necessary. I just use it so that the code does not attempt to redirect HTTP traffic on my localhost.
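
The script version above, shown in place inside a complete Application.cfc, as an added example that is not the author's own code. The application name, the host list and the helper functions isPlainHttp() and httpsUrl() are assumptions, and this version treats any cgi.https value other than "on" as plain HTTP instead of testing for "off".

```cfml
// Application.cfc (added example; names below are hypothetical)
component {

    this.name = "forceHttpsExample"; // assumed application name

    // Hosts that must be served over HTTPS. localhost is deliberately
    // absent so local development over HTTP keeps working.
    variables.httpsHosts = [ "coldfusionguy.com" ];

    // True when the request did not arrive over HTTPS. Assumption: an
    // empty cgi.https is treated the same as "off".
    private boolean function isPlainHttp() {
        return cgi.https != "on";
    }

    // Rebuild the requested URL with the https scheme, keeping the
    // script name, any path info and the query string.
    private string function httpsUrl() {
        var target = "https://" & cgi.server_name & cgi.script_name & cgi.path_info;
        if ( len( cgi.query_string ) ) {
            target &= "?" & cgi.query_string;
        }
        return target;
    }

    public void function onRequest( required string targetPage ) {
        // Redirect only for hosts on the list, so the Location header is
        // never built from a host name that is not expected.
        if ( arrayFindNoCase( variables.httpsHosts, cgi.server_name ) && isPlainHttp() ) {
            location( httpsUrl(), false ); // addToken=false; processing stops here
        }

        // onRequest() replaces normal page execution, so the requested
        // template has to be included explicitly.
        include arguments.targetPage;
    }
}
```

If TLS is terminated on a load balancer or proxy in front of the web server, cgi.https may never read "on" at the application, and a check like this would redirect in a loop.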
