• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Is it possible to manually set HTTP_REFERER?

Enthusiast ,
Feb 24, 2016 Feb 24, 2016

Copy link to clipboard

Copied

Does anyone if it is possible to manually set the CGI.HTTP_REFERER? If so, how do I accomplish it?

Views

2.5K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Enthusiast , Feb 29, 2016 Feb 29, 2016

Many thanks for all the help. I got it working now. There is no issue with the <cfif IsDefined("session.mysiteShibboleth.isAuthenticated")>. It was a log in the <cfelse> that I tried to log the session variable that was not set and not exist. Thus, it throws the error.

The initial issue about unable to redirect was resolved. The issue that it keeps looping was because the way I test if the user was logged in or not is wrong. Since I'm using CommonSpot CMS, it used their isLoggedIn API and it was

...

Votes

Translate

Translate
Guide ,
Feb 24, 2016 Feb 24, 2016

Copy link to clipboard

Copied

Why would you want to do that?  The variable is based on what the web server forwards to ColdFusion.  Why would you need to alter it?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 24, 2016 Feb 24, 2016

Copy link to clipboard

Copied

Here's the problem.

  1. User enter the search word and click enter
  2. The search page shows the result on the page with links
  3. The user clicks on the link to see the details page
  4. The details page requires authentication
  5. It redirects the user to the authentication page. At this page in the custom_application.cfm page, it shows the HTTP_REFERER;  https://devbox.mysite.com/search/?search=calendar
  6. The user authenticated and then it comes back to the https://devbox.mysite.com/search/?search=calendar page instead of to the https://devbox.mysite.com/kb/article/calendar page, which is the link that the user clicked and wants to go there.

That is the problem. If you can help find a better solution, that'll be great. Thanks for the response though.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guide ,
Feb 24, 2016 Feb 24, 2016

Copy link to clipboard

Copied

If you don't want to authenticate the user at the outset rather than when they click a details link (and what happens if they go back to the results and click a different link - do they have to authenticate again?), then store the link URL in a session or client variable and then navigate to the value in the session variable after authentication.  If you go the client variable route, make sure to use cookies (or alternatively database) rather than registry.


Don't mess with HTTP_REFERER - that is how you tell where the user **actually** came from.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 24, 2016 Feb 24, 2016

Copy link to clipboard

Copied

That answers my question but has not resolved my issue yet. I will check if the user is logged in or not. If it's logged in already then the details page will just show without prompting the user to authenticate again. My main problem is, ColdFusion is not redirecting to the target page or the page that's part of the link. It redirects back to the page where it was originally from instead and I couldn't figure how to resolve this issue. Thus, I thought I could change the http_referer.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guide ,
Feb 24, 2016 Feb 24, 2016

Copy link to clipboard

Copied

How are you performing the redirect?  <cflocation>?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 24, 2016 Feb 24, 2016

Copy link to clipboard

Copied

Yes. Here are part of my authentication code. We are using Shibboleth authentication.

In my custom-applicaton.cfm file.

<cfif not StructKeyExists(session, "preAuthUrl")>

  <cfparam name="Session.preAuthUrl" default="http://#cgi.server_name##cgi.script_name#">

</cfif>

<cfif cgi.query_string contains "login=1">

  <cfif not cgi.query_string contains "forcelogin=1">

  <cfset session.preauthurl="#cgi.http_referer#">

  <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

  <cfelse>

  <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

  </cfif>

</cfif>

And here's the code in the authentication.cfm file.

<cfif session.user.LICENSEDCONTRIBUTOR eq 0>

  <cftry>

  <CFLOCK SCOPE="Session" TYPE="Exclusive" TIMEOUT="5" THROWONTIMEOUT="Yes">

  <cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">

    UPDATE Users

    SET LicensedContributor = '1'

    WHERE ID = #session.user.id#

  </cfquery>

  <cfset session.user.LicensedContributor = "1">

  </CFLOCK>

  <cfcatch>

  <cfoutput>Error in /authenticate.cfm: An error occurred while trying to log in. Please try again.</cfoutput>

  </cfcatch>

  </cftry>

  </cfif>

  <cflog text="preAuthUrl-#count#: #session.preAuthUrl#" type="Information" file="Authentication">

  <!---we are now logged in, so redirect somewhere--->

  <cfif session.preAuthUrl eq "">

  <!---not sure where we came from, so redirect to the homepage--->

  <cflocation url="/" addtoken="no">

  <cfelse>

  <cfif session.preAuthUrl contains "login=1">

  <cfif tmp eq "">

  <cflocation url="/" addtoken="no">

  <cfelse>

  <cflocation url="#tmp#" addtoken="no">

  </cfif>

  <cfelse>

  <cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>

  <cflog text="final URL: #request.author_url##tmp#" type="Information" file="Authentication">

  <cflocation url="#request.author_url##tmp#" addtoken="no">

  </cfif>

  </cfif>

</cfif>

<!---go back to wherever we came from--->

<cflocation url="#cgi.http_referer#" addtoken="no">

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 25, 2016 Feb 25, 2016

Copy link to clipboard

Copied

The way our CommonSpot CMS work is that every time you access a page, the custom_application.cfm gets fired first. Therefore, the preauthURL session variable gets set correctly the first time when the user click the hyperlink from the search-result page. However, when the user got authenticated and finally landed on the target page, the custom_application.cfm gets called/fired again and this time the Http_referer and preauthURL is incorrect because it was referring to the last page, which is our shibboleth authentication page. And this is where I couldn't figure out.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guide ,
Feb 25, 2016 Feb 25, 2016

Copy link to clipboard

Copied

You need to stop grabbing HTTP_Referer for your ultimate redirect location.  As I said in an earlier response, grab the URL (that would be the CGI.path_info combined with CGI.query_string) before you redirect to the authentication page.  Then after you have authenticated the user, redirect to your stored URL.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 25, 2016 Feb 25, 2016

Copy link to clipboard

Copied

Here's my current custom_application.cfm file. I do not use http_referer and it goes into a loop.

<cfif cgi.query_string contains "login=1">

   <cfif not cgi.query_string contains "forcelogin=1">

      <cflog text="SERVER_NAME: #cgi.SERVER_NAME#" type="Information" file="Authentication">

      <cflog text="PATH_INFO: #cgi.PATH_INFO#" type="Information" file="Authentication">

      <cflog text="PATH_TRANSLATED: #cgi.PATH_TRANSLATED#" type="Information" file="Authentication">

      <cflog text="SCRIPT_NAME: #cgi.SCRIPT_NAME#" type="Information" file="Authentication">

      <cflog text="QUERY_STRING: #cgi.QUERY_STRING#" type="Information" file="Authentication">

      <cflog text="REMOTE_HOST: #cgi.REMOTE_HOST#" type="Information" file="Authentication">

      <cfif cgi.http_referer contains "search/?search=">

      <cflog text="cgi.http_referer contains: #cgi.http_referer#" type="Information" file="Authentication">

      <cfset tmp=ReReplace(cgi.http_referer, "^.+\.mysite\.com", "")>

      <cfset scriptName=ReReplace(cgi.script_name, "^index.cfm\.+", "")>

      <cflog text="scriptName: #scriptName#" type="Information" file="Authentication">

      <!---<cfset qryString=ReReplace(#tmp#, "/search/?search=", "")>--->

      <cfscript>

         qryString = replace(#tmp#, "/search/?search=", "", "All");

      </cfscript>

      <cflog text="qryString: #qryString#" type="Information" file="Authentication">

      <cfset session.preauthurl="#request.author_url#/kb/article/#qryString#">

      <cflog text="After cfset session.preauthurl: #request.author_url#/kb/article/#qryString#" type="Information" file="Authentication">

      <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

      <cfelse>

      <!---<cfset session.preauthurl="#cgi.http_referer#">--->

      <cflog text="session.preauthurl-172: #session.preauthurl#" type="Information" file="Authentication">

      <cflog text="cflocation url: #request.author_url#/authenticate.cfm" type="Information" file="Authentication">

      <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

   </cfif>

   <!---<cfset session.preauthurl="#cgi.http_referer#">

      <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">--->

   <cfelse>

   <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

</cfif>

</cfif>

And here's my authenticate.cfm code:

<!--- if this user is not marked as a "licensed contributor", mark them as such.--->

<cfif session.user.LICENSEDCONTRIBUTOR eq 0>

   <cftry>

      <CFLOCK SCOPE="Session" TYPE="Exclusive" TIMEOUT="5" THROWONTIMEOUT="Yes">

         <cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">

            UPDATE Users

            SET LicensedContributor = '1'

            WHERE ID = #session.user.id#

         </cfquery>

         <cfset session.user.LicensedContributor = "1">

      </CFLOCK>

      <cfcatch>

         <cfoutput>Error in /authenticate.cfm: An error occurred while trying to log in. Please try again.</cfoutput>

      </cfcatch>

   </cftry>

</cfif>

<cflog text="preAuthUrl-63: #session.preAuthUrl#" type="Information" file="Authentication">

<!---we are now logged in, so redirect somewhere--->

<cfif session.preAuthUrl eq "">

   <!---not sure where we came from, so redirect to the homepage--->

   <cflocation url="/" addtoken="no">

   <cfelse>

   <!---The tmp here will cause interna server error because it was not defined anywhere.--->

   <cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>

   <cfif session.preAuthUrl contains "login=1">

      <cfif tmp eq "">

         <cflocation url="/" addtoken="no">

         <cfelse>

         <cflog text="tmp-75: #tmp#" type="Information" file="Authentication">

         <cflocation url="#tmp#" addtoken="no">

      </cfif>

      <cfelse>

      <!---<cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>--->

      <cflog text="final URL: #request.author_url##tmp#" type="Information" file="Authentication">

      <cflocation url="#request.author_url##tmp#" addtoken="no">

   </cfif>

</cfif>

</cfif>

<cflog text="http_referer: #cgi.http_referer#" type="Information" file="Authentication">

<!---go back to wherever we came from--->

<cflocation url="#cgi.http_referer#" addtoken="no">

And here's the log:

========================This the first time hitting the custom-appliction==================================

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","SERVER_NAME: devbox.mysite.com"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","PATH_INFO: "

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","QUERY_STRING: login=1"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","REMOTE_HOST: 10.34.3.251"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","cgi.http_referer contains: https://devbox.mysite.com/search/?search=calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","scriptName: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","qryString: calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","After cfset session.preauthurl: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

----------------noticed that it ever gets to the "http_referer" log at the bottom which is the correct behavior------------------------------------------

========================Now, it hits the target page of "calendar" and it launches the custom-appliction again=====================================================

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","SERVER_NAME: devbox.mysite.com"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","PATH_INFO: "

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","QUERY_STRING: login=1"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","REMOTE_HOST: 10.34.3.251"

---------------------Noticed the line below shows the target page correctly in session.preauthurl variable------------------------------------------

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:47","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:47","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

----------------------Noticed the line above here (final URL) shows the correct target page--------------------------------------------------------

=======================But it never actually gets to the target page, it went back to the custom-appliction file again as shown below===================================

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SERVER_NAME: devbox.mysite.com"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_INFO: "

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","QUERY_STRING: login=1"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","REMOTE_HOST: 10.34.3.251"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SERVER_NAME: devbox.mysite.com"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_INFO: "

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","QUERY_STRING: login=1"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","REMOTE_HOST: 10.34.3.251"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","SERVER_NAME: devbox.mysite.com"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","PATH_INFO: "

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","QUERY_STRING: login=1"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","REMOTE_HOST: 10.34.3.251"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SERVER_NAME: devbox.mysite.com"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_INFO: "

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","QUERY_STRING: login=1"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","REMOTE_HOST: 10.34.3.251"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

=======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SERVER_NAME: devbox.mysite.com"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_INFO: "

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","QUERY_STRING: login=1"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","REMOTE_HOST: 10.34.3.251"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:51","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

"Information","ajp-bio-8013-exec-7","02/25/16","12:17:51","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

=========================And it finally quits in Firefox but in IE it keeps going forever====================================================================

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guide ,
Feb 25, 2016 Feb 25, 2016

Copy link to clipboard

Copied

Let me correct myself.  Starting with CF10, CGI.path_info no longer returns the URL of the current page - it only returns any additional info after the document name (e.g.: http://mysite.com/index.cfm/some_more_path_stuff/even_more_path_stuff, CGI.path_info would return "some_more_path_stuff/even_

more_path_stuff").  If you don't have additional path information following the document name, CGI.path_info will be blank.

Instead, you can use this to get the entire URL of the current page: getPageContext().getRequest().getRequestURI()

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 25, 2016 Feb 25, 2016

Copy link to clipboard

Copied

Here's a quick question. Why am I not getting the query_string value inside of this CFIF in my custom-application.cfm?

<cfif not StructKeyExists(session, "queryString")>

  <cfparam name="Session.queryString" default="#cgi.query_string#">

  <cflog text="Session.queryString-112: #Session.queryString#" type="Information" file="Authentication">

  <cflog text="cgi.query_string-113: #cgi.query_string#" type="Information" file="Authentication">

  <!---<cfparam name="Session.queryString" default="#cgi.query_string#">--->

</cfif>

<cflog text="Session.queryString-120: #Session.queryString#" type="Information" file="Authentication">

I put a log outside of this cfif and it will only show the query_string value after five times looping.Why is that?

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","Session.queryString-112: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","cgi.query_string-113: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","cgi.query_string-161: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:36","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:36","SITE1","cgi.query_string-161: search=calendar"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:37","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:37","SITE1","cgi.query_string-161: proxyURL=https%3A%2F%2Fapp.kbarticle.com%2Fapi%2Fhead%2Fsuggest.json&name%5B%24regex%5D=calendar"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","cgi.query_string-161: slug=calendar"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-120: "

"Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 25, 2016 Feb 25, 2016

Copy link to clipboard

Copied

This getPageContext().getRequest().getRequestURI() is giving me the same as script_name.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Feb 26, 2016 Feb 26, 2016

Copy link to clipboard

Copied

2Charlie wrote:

Here's the problem.

  1. User enter the search word and click enter
  2. The search page shows the result on the page with links
  3. The user clicks on the link to see the details page
  4. ...

Then, on the details page, before the code that does the redirection, store the referrer as a session variable.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 26, 2016 Feb 26, 2016

Copy link to clipboard

Copied

I think the problem is not that it's not getting the correct target page because I've make sure and verified that the target page URL is correct and it's still not returning to the correct page or error out. Perhaps my checking for is the user logged in or not is wrong and when it's fully authenticated, it's still not registered as logged in; therefore, it goes into a loop. So, what's a the proper way to check if the user is already logged in in ColdFusion? And once the user is authenticated, is there something in ColdFusion that I need to set so that in the details page, when it checks if the user is logged in or not, it has the correct value?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Feb 26, 2016 Feb 26, 2016

Copy link to clipboard

Copied

2Charlie wrote:

I think the problem is not that it's not getting the correct target page because I've make sure and verified that the target page URL is correct and it's still not returning to the correct page

The referrer may not be what you expect at each stage.

  1. The user clicks on the link to see the details page
  2. The details page requires authentication
  3. It redirects the user to the authentication page. At this page in the custom_application.cfm page, it shows the HTTP_REFERER;  https://devbox.mysite.com/search/?search=calendar
  4. The user authenticated and then it comes back to the https://devbox.mysite.com/search/?search=calendar page instead of to the https://devbox.mysite.com/kb/article/calendar page, which is the link that the user clicked and wants to go there.

1. When the user clicks on the link to the details page, the referrer is NOT the details page. It is the current page, XXX, which may in fact be outside your website.

2. If the details page redirects him to the authentication page, then the referrer may still be the starting page, XXX. Something like this

XXX.cfm

<a href="details.cfm">Details<\a>

details.cfm

<cflocation url="authentication.cfm" addtoken="no">

That is, the referrer is actually the page on which the user clicks the link. You seem to interpret it as if it is the target of a link click.

To make your target page available, you could just squeeze in a line that stores it in session scope, before the redirection, like this

details.cfm

<cfset session.targetpage =CGI.SCRIPT_NAME>

<cflocation url="authentication.cfm" addtoken="no">

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

That is very helpful but, what's a the proper way to check if the user is already logged in in ColdFusion? And once the user is authenticated, is there something in ColdFusion that I need to set so that in the details page, when it checks if the user is logged in or not, it has the correct value? Is there a way to show/dump all the session variables?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

2Charlie wrote:

is there something in ColdFusion that I need to set?

Yes. Set a session variable or a client variable or a cookie or anything that persists from one request to the next.

2Charlie wrote:

Is there a way to show/dump all the session variables?

<cfdump var="#session#">

Cheers

Eddie

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

How do I check if the session.loggedIn variable has been set or not? I kept getting a custom script module error when I do <cfif session.loggedIn eq "true">. I think this is because the session.loggedIn variable is not set and I already testing it. So, I need a way to test if it's already set or not. Do I do a <cfif StructKeyExists(session, "loggedIn")> and if it's already set, then do the testing if it's equal to "true"?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

2Charlie wrote:

How do I check if the session.loggedIn variable has been set or not?

<cfif isDefined("session.loggedIn") and (session.loggedIn)>

Cheers

Eddie

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

Okay, this is what I have and it kept giving me "Error in custom script module" on this line. I'm logging before and after this line of code and the log after this line is not executed. So looks like it quit after executing this line.

<cfif isDefined("session.mySiteShibboleth.isAuthenticated") and (session.mySiteShibboleth.isAuthenticated)>

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

Try this:

<cfif structKeyExists(session.mySiteShibboleth, "isAuthenticated") and (session.mySiteShibboleth.isAuthenticated)>

Cheers

Eddie

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

Same error. In my authenticted.cfm file, this is where the session is defined, I believed.

<cfif cgiReferer eq shibboleth_url>

  <cfscript>

  session.mysiteShibboleth = StructNew();

  session.mysiteShibboleth.username=REReplace(http_header.headers.eppn, "@mysite.com","","ALL");

  session.mysiteShibboleth.mail=http_header.headers.eppn;

  session.mysiteShibboleth.groups=ArrayToList(REMatch('WEB\.[A-Z.-]+', http_header.headers.member));

  session.mysiteShibboleth.isAuthenticated="true";

  </cfscript>

</cfif>

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Advocate ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

Have you determined whether or not that code is in fact getting executed?

Cheers

Eddie

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Feb 29, 2016 Feb 29, 2016

Copy link to clipboard

Copied

This is the only code I have on the details page and I still get the same error. If I removed this code, the page loads fine.

<cfif structKeyExists(session.mysiteShibboleth, "isAuthenticated") and (session.mysiteShibboleth.isAuthenticated) >

  <cflog text="Session-Defined-5: isAuthenticated" type="Information" file="Authentication">

<cfelse>

  <cflog text="Session-Defined-7: It's not authenticated'" type="Information" file="Authentication">

</cfif>

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation