This is just an interesting fix we found to an issue we were having after installing Microsoft URLScan in one of our servers to better manage security.
In order to reduce exposure of our server's identity via its HTTP header we set the URLScan tool to remove it. As a side effect, our application pages that displayed cfcharts were no longer working. It was obvious that cfchart needed the header in there. Luckily there was another issue and fix in the ColdFusion TechNotes that although unrelated to URLScan had a promising fix, this issue posted here makes sure that ColdFusion "explicitly generates HTTP headers before the chart data". Low and Behold, the fix worked. Although one of my colleagues had found another fix online, it required you creating your own header using cfsavecontent and some other tricks.. although it seemed elegant at first, this required your code to change due to an external issue. By implemeting the fix above, we don't have to make our cfchart code any different then as if URLScan wasn't installed.
Phill Nacelli has been architecting and developing software solutions for over 10 years. He has lead the engineering and development of multiple enterprise web based applications for the Federal Government, Commercial Software, and non-profit association/education market. He enjoys playing with the latest in programming techniques, frameworks and development tools. Phill is very active in the Adobe ColdFusion community as a member of the Adobe Community Professional Program, serving as the Capital Area ColdFusion User Group Manager, Adobe ColdFusion Customer Advisory Board. He's also involved in speaking at technical conferences, writing technical articles, user group presentations, community forums/chat rooms support and via this blog. He is currently the Senior Software Architect - Solutions Lead at 
There are no comments for this entry.
[Add Comment]