User Guide

86 Developing Web Applications with ColdFusion

Securing Custom Tags

ColdFusion’s security framework enables you to selectively restrict access to individual

tags or to tag directories. This can be an important safeguard in team development.

To avoid name conflicts, you can register custom tags as a security resource on the

ColdFusion Administrator Advanced Security page. See Administering ColdFusion

Serverfor details.

Encoding Custom Tags

You can use the command-line utility cfencode to encode any ColdFusion application

template. By default, the utility is installed in the

/cfusion/bin directory. It is

especially useful for securing custom tag code before distributing it.

cfencode uses the following syntax:

cfencode

infile outfile

[/r /q] [/h "message"] /v"2"

CFMODULE Attributes

Attribute Description

Template Required if the NAME attribute is not used. Specifies a relative path to

the cfm file. Same as TEMPLATE attribute in CFINCLUDE. Note that the

directory must have a mapping defined in ColdFusion Administrator

Example:

<CFMODULE TEMPLATE="../MyTag.cfm"> identifies a

custom tag file in the parent directory.

Name Required if Template attribute is not used. Use period -separated

names to uniquely identify a sub-directory under the Custom Tags

root directory.

Example:

identifies the file

GetUserOptions.cfm in Custom

Tags\Allaire.Alive

directory under the ColdFusion root

directory.

Attributes Optional. You can list the custom tag’s attributes.