Highlighted

CFForm issue in CF11

New Here ,
Dec 02, 2014

Copy link to clipboard

Copied

We found an issue related to the FORM submission in CF11. If the action attribute is not specified in the cfform tag, it does not generate the action using the current URL(Query-string values containing specific text are getting truncated ) .

For example :

sample URL :  http://test.com/admin/index.cfm?page=test&prod=12 , in the given URL having the value 'prod' , after submiting this form  , this URL will be showed like this - http://test.com/admin/index.cfm? with out query string values.

How can we resolve this issue in CF11 . Please advise.

Thanks in advance

Adobe Community Professional
Correct answer by BKBK | Adobe Community Professional

Great example. Quite right: it appears to be a bug.

I can confirm your findings. Using the test I suggested yesterday, I obtained the following query strings:

Before submission: ?page=test&view=yes&prod=12

After submission:  ?page=test

Before submission: ?page=test&view=yes&prdo=12

After submission:  ?page=test&view=yes&prdo=12

Before submission: ?page=test&prod=12&view=yes

After submission:  ?view=yes

Before submission: ?page=test&prdo=12&view=yes

After submission:  ?page=test&prdo=12&view=yes

The behaviour is so strange you should at least report it to the Coldfusion bug database.

TOPICS
Getting started

Views

1.2K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

CFForm issue in CF11

New Here ,
Dec 02, 2014

Copy link to clipboard

Copied

We found an issue related to the FORM submission in CF11. If the action attribute is not specified in the cfform tag, it does not generate the action using the current URL(Query-string values containing specific text are getting truncated ) .

For example :

sample URL :  http://test.com/admin/index.cfm?page=test&prod=12 , in the given URL having the value 'prod' , after submiting this form  , this URL will be showed like this - http://test.com/admin/index.cfm? with out query string values.

How can we resolve this issue in CF11 . Please advise.

Thanks in advance

Adobe Community Professional
Correct answer by BKBK | Adobe Community Professional

Great example. Quite right: it appears to be a bug.

I can confirm your findings. Using the test I suggested yesterday, I obtained the following query strings:

Before submission: ?page=test&view=yes&prod=12

After submission:  ?page=test

Before submission: ?page=test&view=yes&prdo=12

After submission:  ?page=test&view=yes&prdo=12

Before submission: ?page=test&prod=12&view=yes

After submission:  ?view=yes

Before submission: ?page=test&prdo=12&view=yes

After submission:  ?page=test&prdo=12&view=yes

The behaviour is so strange you should at least report it to the Coldfusion bug database.

TOPICS
Getting started

Views

1.2K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Dec 02, 2014 0
Adobe Community Professional ,
Dec 02, 2014

Copy link to clipboard

Copied

That is the expected behaviour, I should think. You have very likely submitted the form to http://test.com/admin/index.cfm. If you then enter http://test.com/admin/index.cfm?page=test&prod=12 into the browser's address field, how is Coldfusion to know about the query-string? It cannot.

In other words, for the form to submit to http://test.com/admin/index.cfm?page=test&prod=12, the client must first have opened the form page using this same URL.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 02, 2014 0
Most Valuable Participant ,
Dec 02, 2014

Copy link to clipboard

Copied

When you submit the form (assuming you haven't set the "method" attribute to "POST"), the form fields will be converted into a URL query string.  If you've put a URL with a query string into the form's "action" attribute, likely the form field values will be converted to a query string and swapped out with your URL query string during form submission, thus appearing to "truncate" the original query string.

If you want some URL parameters to be added to the form field data, store those values in hidden form fields so they get built into the new query string when the form is submitted.

-Carl V.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 02, 2014 0
Adobe Community Professional ,
Dec 02, 2014

Copy link to clipboard

Copied

@Carl

Just to say it's about <cfform>. By default, assuming no method specified, <cfform> does a 'post' action.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 02, 2014 0
Most Valuable Participant ,
Dec 02, 2014

Copy link to clipboard

Copied

@BKBK

You're right.  I didn't realize that <cfform> does the exact opposite of <form> in this regard - <form> defaults to GET and <cfform> defaults to POST.  So it looks like <cfform> strips off url parameters when it does a POST submit.  This might be a bug, but I'm not sure.

However, I would suggest not trying to send both URL parameters and FORM data in the same form submittal.  That's kind of "code smell".  Rather, as I suggested, put the URL parameters into hidden form fields so they become part of the POST payload.  On the server side, change references to URL.page and URL.prod to FORM.page and FORM.prod respectively.

As a somewhat-related side note, most ColdFusion MVC frameworks combine the URL and FORM scopes into a single request-scope variable (commonly a structure called "rc" which contains key/value pairs of the URL/FORM data as well as storing additional data passed by controller processing).  Even if you don't use an MVC framework, it is a not uncommon practice to append the URL scope onto the FORM scope (or vice-versa) in the onRequest() method of Application.cfc.  Here's how I do it (I think I originally stole this from someone else's blog post, possibly Raymond Camden or Ben Nadel):

<!--- Merge FORM and URL scopes together into FORM to simplify variable

  scoping and to guarantee FORM scope is available. --->

  <cfparam name="form" type="struct">

  <cfif IsDefined('URL')>

       <cfset StructAppend(form, URL)>

  </cfif>

Now, all form data will be available in the FORM scope, regardless of whether it was sent via GET (url parameters) or POST (form data).  That can simplify your code as you can simply refer to all data incoming from forms or links as FORM.whatever.  Alternatively, you could merge the data into a request scope variable like the MVC frameworks:

<!--- Merge FORM and URL scopes together into request variable to simplify variable

  scoping. --->

  <cfparam name="request.rc" type="struct">

  <cfif IsDefined('URL')>

       <cfset StructAppend(request.rc, URL)>

  </cfif>

  <cfif IsDefined('FORM')>

       <cfset StructAppend(request.rc, FORM)>

  </cfif>

Now any data passed in from forms or links can be accessed as request.rc.whatever.

-Carl V.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 02, 2014 0
Adobe Community Professional ,
Dec 02, 2014

Copy link to clipboard

Copied

Poster, 2_Coldfusion, says there is no query-string after <cfform> is submitted. Hence, there will be no URL variables.

As I said earlier, <cfform> will submit to http://test.com/admin/index.cfm?page=test&prod=12 if you enter the form page by means of http://test.com/admin/index.cfm?page=test&prod=12, to start with, instead of http://test.com/admin/index.cfm. That is, if the referrer URL of the form page already contains the query string.

Suggested test:

<a href="http://test.com/admin/index.cfm">Form page URL without query-string</a><br>

<a href="http://test.com/admin/index.cfm?page=test&prod=12">Form page URL with query-string</a>

<cfform>

<cfinput name="txt" type="text" value="Some text">

<cfinput name="sbmt" type="submit" value="send">

</cfform>

<cfdump var="#form#" label="Form">

<cfdump var="#url#" label="url">

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 02, 2014 0
New Here ,
Dec 02, 2014

Copy link to clipboard

Copied

Hi All,

     My issue is that ,the truncation of Qurey string  doesnot occur in all cases .

     Case 1 (Truncation happening 😞

         Example :

          URL Before form submission : -  http://test.com/admin/index.cfm?page=test&prod=12&view=yes

          URL After form submission : - http://test.com/admin/index.cfm?view=yes

As the above example the text 'page=test' and  'prod=2'  seems to be deleted .

            

Case 2 ( No truncation):

Example :

          URL Before form submission : -  http://test.com/admin/index.cfm?page=test&view=yes

          URL After form submission : - http://test.com/admin/index.cfm?page=test&view=yes

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 02, 2014 0
Adobe Community Professional ,
Dec 03, 2014

Copy link to clipboard

Copied

Great example. Quite right: it appears to be a bug.

I can confirm your findings. Using the test I suggested yesterday, I obtained the following query strings:

Before submission: ?page=test&view=yes&prod=12

After submission:  ?page=test

Before submission: ?page=test&view=yes&prdo=12

After submission:  ?page=test&view=yes&prdo=12

Before submission: ?page=test&prod=12&view=yes

After submission:  ?view=yes

Before submission: ?page=test&prdo=12&view=yes

After submission:  ?page=test&prdo=12&view=yes

The behaviour is so strange you should at least report it to the Coldfusion bug database.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 03, 2014 1
New Here ,
Dec 04, 2014

Copy link to clipboard

Copied

OK. Now I have reported this to the ColdFusion bug database .

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 04, 2014 0
Adobe Community Professional ,
Dec 04, 2014

Copy link to clipboard

Copied

Thanks. I have voted for it (bug # 3861951)

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 04, 2014 0
Most Valuable Participant ,
Dec 06, 2014

Copy link to clipboard

Copied

Looks like this issue occurs when the URL contains any HTML character entity, not just &prod

I've voted and added a comment on the ticket.

Thanks!,

-Aaron

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 06, 2014 1
Adobe Community Professional ,
Dec 06, 2014

Copy link to clipboard

Copied

@Aaron

Thanks. It is indeed pointing strongly to HTML character entities, though some, like &comma and &equals, work OK. Weird.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 06, 2014 0
New Here ,
Dec 18, 2014

Copy link to clipboard

Copied

Thank you all for supporting this issue.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 18, 2014 0