Protecting Your Tags

ColdFusion comes with a command-line utility called CFEncode you can use to obfuscate the source code in your CFML templates so that it can’t be easily viewed. The obfuscation process is designed to be one-way, so you should make sure you have a backup copy of any templates you wish to encode before proceeding. You should also be aware that the mechanism used to encode tags is relatively weak and has been broken in the past. For this reason, you shouldn’t rely on the encoding mechanism as the sole means for protecting your source code.

To run the CFEncode utility (located in \cfusion\bin by default), simply execute it using the following syntax:

cfencode infile outfile [/r /q] [/h "header"] /v"2"

The following list explains each parameter and switch:

infile

Specifies the name of the CFML template to be encoded. Optionally, you may specify a wildcarded filename if you wish to encode more than one template at a time.

outfile

Specifies the full path to the output file for the encoded file. If you fail to specify an output file, the CFEncode utility overwrites the original file with the encoded version. For this reason, it is important that you always keep a backup copy of any templates you wish to encode.

/r

Specifies that encoding should be recursive. This switch is used when you use a wildcard as the infile parameter, and you wish to have the CFEncode utility recurse subdirectories.

/q

Specifying this optional switch turns off any warning messages usually ...

Get Programming ColdFusion now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.