I noticed a strange behavior with ColdFusion 9 and maybe earlier versions where using the validate attribute set to numeric will not show an error with a $ in the input. All three validations, onBlur, onSubmit, and onServer allow a input value to contain a $ in the text field. Is this by design and am I misunderstanding something? I tested the same thing in Railo 3.1 and the validation showed an error when I submitted a $ sign in the input. I did learn that Railo does not allow for the validateAt attribut with the input tag and defaults to onSubmit validation, but the validate="numeric" did properly work when submitting the form. A bug?
Entries for month: August 2010
Validate "numeric" for cfinput does not work with $
Posted by John
Setting session cookies to have the httpOnly attribute with ColdFusion 9.0.1
Posted by John
For a site that falls under PCI compliance scans you will need to have session cookies that have the httpOnly attribute set. With the release of the ColdFusion 9.0.1 release it is now much easier to have your session cookies to contain the httpOnly attribute.