1 Reply Latest reply on Apr 22, 2015 7:14 AM by haxtbh

    cfhttp is slow when sandbox security is enabled

    Marko

      We are running ColdFusion10 Ent. on Windows Server 2008 R2 Standard and IIS ver. 7.5. Java Version: 1.7.0_45

      We have also implemented the CF lockdown guide.

      Things have been running quite smoothly for some time now. However, after applying CF update 14 on our QA server we noticed an huge performance hit for all CFHTTP calls when security sandbox is enabled. If we disable the ssb then performance returns to normal. Disabling the sandbox is not an option for us.

      Here is the difference for a simple cfhttp request.

      Sandbox enabled: 9109 ms.

      Sandbox disabled: 79 ms.

      Rolling back to update 12 fixes the issue.

      We've since applied update 15 and now 16 with no change in this performance. After applying all update we always re-run the connectors as stated by Adobe.

      Our local dev machines (mac and PC) do not seem to experience this behaviour so I'm a bit concerned it might have something to do with IIS/connectors etc. on the server.

      Any suggestions/advice would be much appreciated as we cannot apply updates to our current prod installation running ver.10 update 12 until this issue is resolved.

      Thanks in advance.


      Update: To see if this issue was resolved in CF11, I installed CF11 on the same machine as above. Same issue exists with ssb enabled and the sandbox configured for my test app! The performance is still extremely poor for even a simple cfhttp request.

       

      Message was edited by: mark huras