Skip to main content
jeffh65754959
jeffh65754959
Inspiring
October 29, 2018
Question

ColdFusion 2018 Security Analyzer Exposed API

  • October 29, 2018
  • 2 replies
  • 750 views

During the Security in ColdFusion: A 360 degree outlook session at CF Summit this year, it was discussed that in CF 2018, there are exposed APIs for the Security Code Analyzer that allow for analyzing outside of CF Builder.  I am not finding documentation that explains how to access these APIs.  Can anyone point me in the right direction?

Thanks,

Jeff

    This topic has been closed for replies.

    2 replies

    Charlie Arehart
    Community Expert
    Charlie ArehartCommunity Expert
    Community Expert
    November 6, 2018

    Jeff, there is a github project by Dave Epler showing how to access it from the command line. You can see easily in the code there how to access the web API which he calls in his code:

    cf-cmdline-sec-ana/cmdline-security-analyzer.cfm at master · dcepler/cf-cmdline-sec-ana · GitHub

    /Charlie (troubleshooter, carehart. org)
      jeffh65754959
      jeffh65754959Author
      Inspiring
      November 6, 2018

      Excellent.  Thank you Charlie.

      jeffh65754959
      jeffh65754959Author
      Inspiring
      November 6, 2018

      Has anyone even used the exposed APIs for the Security Code Analyzer in CF 2018, yet?  I am having no luck finding them on my install.

      Terms & ConditionsAccessibility statement
      Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices