This is just an interesting fix we found to an issue we were having after installing Microsoft URLScan in one of our servers to better manage security.
In order to reduce exposure of our server's identity via its HTTP header we set the URLScan tool to remove it. As a side effect, our application pages that displayed cfcharts were no longer working. It was obvious that cfchart needed the header in there. Luckily there was another issue and fix in the ColdFusion TechNotes that although unrelated to URLScan had a promising fix, this issue posted here makes sure that ColdFusion "explicitly generates HTTP headers before the chart data". Low and Behold, the fix worked. Although one of my colleagues had found another fix online, it required you creating your own header using cfsavecontent and some other tricks.. although it seemed elegant at first, this required your code to change due to an external issue. By implemeting the fix above, we don't have to make our cfchart code any different then as if URLScan wasn't installed.
Phill Nacelli has been developing software for over 10 years, and has been using ColdFusion since version 4.5 and Flex since version 1.5. He has engineered and developed multiple enterprise web based applications for the federal government, non-profit association/education market and enjoys playing with the latest in programming techniques, frameworks and development tools. Phill is very active in the Adobe ColdFusion community via serving as the Capital Area ColdFusion User Group manager, a member of the Adobe Community Champions Program, speaking at conferences, magazine articles, user group presentations, community forums/chat rooms and this blog. He currently holds a position as Senior Software Architect at 
There are no comments for this entry.
[Add Comment]