Skip to main content
A
Anonymous
December 2, 2014
Answered

CFForm issue in CF11

  • December 2, 2014
  • 4 replies
  • 2502 views

We found an issue related to the FORM submission in CF11. If the action attribute is not specified in the cfform tag, it does not generate the action using the current URL(Query-string values containing specific text are getting truncated ) .

For example :

sample URL :  http://test.com/admin/index.cfm?page=test&prod=12 , in the given URL having the value 'prod' , after submiting this form  , this URL will be showed like this - http://test.com/admin/index.cfm? with out query string values.

How can we resolve this issue in CF11 . Please advise.

Thanks in advance

This topic has been closed for replies.
Correct answer BKBK

Great example. Quite right: it appears to be a bug.

I can confirm your findings. Using the test I suggested yesterday, I obtained the following query strings:

Before submission: ?page=test&view=yes&prod=12

After submission:  ?page=test

Before submission: ?page=test&view=yes&prdo=12

After submission:  ?page=test&view=yes&prdo=12

Before submission: ?page=test&prod=12&view=yes

After submission:  ?view=yes

Before submission: ?page=test&prdo=12&view=yes

After submission:  ?page=test&prdo=12&view=yes

The behaviour is so strange you should at least report it to the Coldfusion bug database.

4 replies

A
Anonymous
December 19, 2014

Thank you all for supporting this issue.

itisdesign
itisdesign
Inspiring
December 6, 2014

Looks like this issue occurs when the URL contains any HTML character entity, not just &prod

I've voted and added a comment on the ticket.

Thanks!,

-Aaron

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    December 6, 2014

    @Aaron

    Thanks. It is indeed pointing strongly to HTML character entities, though some, like &comma and &equals, work OK. Weird.

    A
    Anonymous
    December 3, 2014

    Hi All,

         My issue is that ,the truncation of Qurey string  doesnot occur in all cases .

         Case 1 (Truncation happening ):

             Example :

              URL Before form submission : -  http://test.com/admin/index.cfm?page=test&prod=12&view=yes

              URL After form submission : - http://test.com/admin/index.cfm?view=yes

    As the above example the text 'page=test' and  'prod=2'  seems to be deleted .

                

    Case 2 ( No truncation):

    Example :

              URL Before form submission : -  http://test.com/admin/index.cfm?page=test&view=yes

              URL After form submission : - http://test.com/admin/index.cfm?page=test&view=yes

    BKBK
    Community Expert
    BKBKCommunity ExpertCorrect answer
    Community Expert
    December 3, 2014

    Great example. Quite right: it appears to be a bug.

    I can confirm your findings. Using the test I suggested yesterday, I obtained the following query strings:

    Before submission: ?page=test&view=yes&prod=12

    After submission:  ?page=test

    Before submission: ?page=test&view=yes&prdo=12

    After submission:  ?page=test&view=yes&prdo=12

    Before submission: ?page=test&prod=12&view=yes

    After submission:  ?view=yes

    Before submission: ?page=test&prdo=12&view=yes

    After submission:  ?page=test&prdo=12&view=yes

    The behaviour is so strange you should at least report it to the Coldfusion bug database.

      A
      Anonymous
      December 4, 2014

      OK. Now I have reported this to the ColdFusion bug database .

      BKBK
      Community Expert
      BKBKCommunity Expert
      Community Expert
      December 2, 2014

      That is the expected behaviour, I should think. You have very likely submitted the form to http://test.com/admin/index.cfm. If you then enter http://test.com/admin/index.cfm?page=test&prod=12 into the browser's address field, how is Coldfusion to know about the query-string? It cannot.

      In other words, for the form to submit to http://test.com/admin/index.cfm?page=test&prod=12, the client must first have opened the form page using this same URL.

      Carl Von Stetten
      Carl Von Stetten
      Legend
      December 2, 2014

      When you submit the form (assuming you haven't set the "method" attribute to "POST"), the form fields will be converted into a URL query string.  If you've put a URL with a query string into the form's "action" attribute, likely the form field values will be converted to a query string and swapped out with your URL query string during form submission, thus appearing to "truncate" the original query string.

      If you want some URL parameters to be added to the form field data, store those values in hidden form fields so they get built into the new query string when the form is submitted.

      -Carl V.

      BKBK
      Community Expert
      BKBKCommunity Expert
      Community Expert
      December 2, 2014

      @Carl

      Just to say it's about <cfform>. By default, assuming no method specified, <cfform> does a 'post' action.

      Terms & ConditionsAccessibility statement
      Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices