RE: [contentbox-version] Re: Problem with the admin and url of web site

By default, I believe that CF cookies must match the full domain name. You can specify the domain you want with the cfcookie tag:

That would let,, and all share the same cookie set with a domain of “”.

That being said, I’m not sure what settings are used when you just do cookie.myValue = ‘’

Either way, a small amount of HTTP introspection should tell you what’s going on. For starters look at the cookies being sent by the browser to the server. Is the jsessionID changing when the domain changes.

Second, look at the cookie “set” being sent from the server to the browser, what domain does it specify, if any?

Finally, I’m pretty sure the issue is that your site is getting reinitialized with domain x, and that gets stored as an application setting for the baseSESURL. Then, later on, when you try and hit the other domain, any setNextEvent is throwing you back to the original. That could be an annoying issue regardless of the cookie domain bit (being redirected to a different domain than the one you were on)

Like Luis said, if you want to use your site on both and, you need to register an interceptor that sets the base SES URL on every request. My site at work is configured to allow any domain to access it and it will always use the current domain it is on for any redirects. Here’s my interceptor:

<cfset arguments.event.setSESBaseURL(“http” & ((event.isSSL())? “s” : “”) & “://” & cgi.http_host & ((len(trim(getSetting(“AppMapping”))))?"/" : “”) & getSetting(“AppMapping”) & “/index.cfm”) >



ColdBox Platform Evangelist
Ortus Solutions, Corp

ColdBox Platform:


Ok, I am now almost 100% convinced that the issue I am seeing with the index.cfm being added to the url and the href problem are related now.

Here is what just happened to me, on my development server I hard coded all the hrefs to and then uploaded these changes to my live site. What happened next is going to go into the WTF basket, because I can’t even explain this.

Without running the code on y development box, there is no way that that change would have been picked up, but I did on my live site and quickly noticed that I had actually type www, which I retified quickly and uploaded the files.

Now all this time I did not run this code on my development machine, and quickly undid the changes so that my development could keep going.

Now here is where it gets interesting, for 12 hours I was going in and out of the development administrator without any problems. 10 hours after I last used the administrator and tried to log in, there was no style sheet. Everything had been lost, looking at the request back into chrome I soon saw why.

After 12 hours of me undoing all the local changes, and not running the site in those changes, it somehow picked up the fact that the href is indeed www, so I went looking for that in the code and found nothing. I then logged in and the style was back again. So I reloaded the application killed the content cache and reloaded the site and tried to open that page again.

Still it was trying to load www, and I am like WTF… Ok so the next best thing run it in another application scope, and low and behold same problem no style sheet, and the reference to the base href is still www,

So I am now freaked out here, and I think this is the same as the index.cfm being added to the url because it is almost identical in how it is happening.

Stopping ColdFusion has no impact on this, which has me stumped even more. Now I would almost say this is a ColdFusion 10 issue, except my live blog is ColdFusion 9.

Ok they are not related, but the SES and baseURL stuff is majorly broken, well I believe it is.

Here is how to duplicate the problem, have two devices on the same network.

  1. Make sure ColdFusion is not running, and then start ColdFusion.
  2. On your main development machine, browse on the same machine that is running ColdFusion. Using 127.0.01/cbadmin or for the front side.
  3. All looks good
  4. Now grab your second device, and browse to that server via its IP address, loads up and seems to look fine. Until you hit any of the links because they will be using so they are all broken.

This is really bad behavior because, if I am reloading the application on the live site, and a request comes in at that moment it is changing the the url. I think that the only solution to this would be that the domain url is stored in the database, fully configurable when installing and changeable from the admin dashboard.

I don’t see this as a huge issue, but it is an issue for high volume web sites. If we grab the setting from what the user enters at the beginning of the install then this will never be a problem.

Now to try and explain the index.cfm appearing in the url…