People often ask if they can hide their CFML file behind an extension other than .cfm or .cfml. Yes, you can, and this tech note explains how.

Some may wonder why one would want to do this at all.

• Consider that some customers, or visitors, or perhaps even your management, may have an aversion to CFML. If they really don't need to care, you could "hide" your CFML behind some other file extension to simply avoid any contentious debate. Another goal may be to foil a hacker, fooling them into thinking you're using some other technology, so their exploits prove more challenging.
• One popular example where this technique has been used with BlueDragon is the very popular site, LinuxWorld.com. Yes, this site runs not on PHP (as many Linux fans would expect) but instead runs on BlueDragon using CFML. It also gets two million hits per day, which is a great testimony to BlueDragon's capabilities, but that's another story. The point here is that if the site's developers had used traditional .cfm file name extensions, the Linux community would inevitably complain and open rancorous debate. By using .htm extensions instead, no one's the wiser. (And they do use considerable caching as well so that the pages perform well enough that no one doubts they could be HTML files?but the developers get all the benefit of a dynamic web site using CFML.)
• One could even choose to use the extensions .php or .asp (assuming you don't otherwise use them for their intended purpose), or even .jsp (with a caveat, discussed below, since BlueDragon Server JX already recognizes .jsp).
• Still another example is for a company who makes their own CFML-based product and wants to hide the fact that it's CFML. While they could leverage the "precompiled code" feature of BlueDragon to hide the content of the CFML from prying eyes, they could go still further and come up with a new file extension to keep casual observers from determining that the code is CFML, by creating a new extension. Let's see how to do any of these in the remainder of this technote.

Warning: there are a couple of caveats about changing the extensions.

First, CFC file extensions cannot be remapped to something else, simply because the CFML language constructs for calling them (CFINVOKE and CFOBJECT/createObject) each presume that the file extension is .cfc. Until we change those tags to permit specifying the file extension, CFCs must rename mapped as .cfc extensions.

Second, while you may want to map your own CFML files to use a new extension, it is NOT currently possible for the BlueDragon admin console files to be changed to use a new extension. As such, if you plan to permit the admin console to be accessible, you cannot remove the current mappings for the .cfm extension (though you can proceed to define a new extension to be used by your own applications).

To change or add to the file extensions used to serve CFML via BlueDragon, you'll need to make some simple modifications to a couple of configuration files. Some are in BlueDragon, and if you're using an external web server (like Apache, IIS, or iPlanet), you'll need to make similarly simple changes in its configuration as well.

The first part of these instructions apply to either BlueDragon Server or Server JX and assume you're choosing to add the ".htm" extension as one that can contain CFML and should be processed by BlueDragon. It could be something entirely different like ".uad", as one customer wanted. The choice is yours.

If you're deploying CFML on .NET (using BlueDragon/.NET), skip to the next to last section, "Changes for .NET Servers". If you're deploying CFML on a Java EE server (using BlueDragon/JavaEE), skip to the final section, "Changes for Java EE Servers".

These steps apply to either BlueDragon 6.1 or 6.2.

---

The following few sections discuss changes required if using BlueDragon Server or Server JX. Changes for each web server, and then for BlueDragon itself, are described in the sections below.

When you integrate BlueDragon with Apache (using the Web Server Adapter option in the BlueDragon Admin Console, or during installation of BlueDragon), BlueDragon makes several changes to the Apache httpd.conf to set up ".cfm" and other extensions. You just need to modify those changes slightly to have it process ".htm" files (or whatever extension you desire) as well. Simply:

1. Add ".htm" (or your choice) to the list of extensions in the "ServletExecAliases" directive
2. Add "htm" (or your choice) to the list of extensions in the "AddHandler servlet-exec" directive

And then restart Apache. If you've configured virtual directories or virtual hosts, you may have multiple occurrences of those directives and will need to change them accordingly.

You're almost done: you also need to make a couple of changes in BlueDragon's properties files as described below under, "Changes In BlueDragon".

If you're running on IIS, you need to make changes to the file extension mappings in the IIS Manager interface. When you integrate BlueDragon with IIS (using the Web Server Adapter option in the BlueDragon Admin Console, or during installation of BlueDragon), BlueDragon adds extension mappings for .cfm (and other) files in the Master Properties for IIS.

You just need to add/modify the extension mappings for the extension(s) you desire to be processed as CFML by BlueDragon, setting the mapping to the same DLL that the .cfm extension points to. You can either do this at the Master Properties level (as BlueDragon made them), or at the virtual directory or web site level for any of those you may have manually configured to integrate with BlueDragon. (See the BlueDragon Installation Guide for more on manually configuring virtual directories and web sites.)

Assuming you want to change the Master Properties, simply right-click the "Web Sites" entry for your computer (in the IIS Manager interface), then choose "Properties". ?In the "Home Directory" tab, choose the "Configuration" button. ?Look for an existing mapping for the .cfm extension and edit it. The "executable" field should be to be pointing to BlueDragon (on my machine, it's set to C:\BlueDragon_Server_JX_62\bin\isapi\BlueDragon_Adapter.dll). If it's not, then BlueDragon hasn't been installed as the server of CFML in the Master Properties. If you know you've manually configured a virtual directory or web site, edit the properties for that.

Copy the complete path/file pointed to in the "executable" field to the clipboard (highlight and right-click it, choose "copy"). ?You'll now use this same executable for whatever other file extension you want to change or add. In the case of ".htm" (or your choice), you'd need to add one, by clicking the "add" button in that interface.?

If you make this setting in the "master properties", it will then flow into all web sites and virtual directories unless you've manually changed them otherwise. If needed, make the changes in them manually.

You shouldn't have to restart IIS for the changes to take effect, but if you want to, right-click the computer name and choose "Restart IIS".

As with Apache, you also need to make a couple of changes in BlueDragon's properties files as described below under, "Changes In BlueDragon".

If you use iPlanet or Netscape Enterprise Server as your web server, you need to make changes for those as well. The information provided above should be enough to guide those who have to configure such servers. If feedback suggests that more specific details are needed, this document will be revised to provide it.

Again, after configuring the web server (and restarting it), you need to make the last couple of changes in BlueDragon itself, described in the next section.

You're almost done: after making the changes for your web server, as discussed above, you need to make the following changes in BlueDragon's properties files (within BlueDragon installation directory, such as C:\BlueDragon_Server_JX_62\):

1. In config/bluedragon.properties, add ".htm" (or your choice) to the list of extensions in the "servletexec.default.aliases" property
2. In config/default/rules.properties, duplicate the line for CFM files to create a new one the htm extension (or your choice):
   *.htm=com.naryx.tagfusion.cfm.cfServlet

   Warning: be sure to use cfm file extension line as your model, and not the cfc line, if you're creating an extension to process pages as CFML. Also note that, as explained above, the .cfc extension cannot be changed to something else.

Finally, you need to restart the BlueDragon server. That's it. You should now be able to process ".htm" files (or your choice) as CFML.

If you're also using the BlueDragon built-in web server, or if you want to configure the JSP extension to process CFML pages, or if you're using a Java EE server for deployment of CFML using BlueDragon/JavaEE, please see the remaining sections.

If you use BlueDragon's built-in development/test web server for running your CFML (running code out of the BlueDragon directory's wwwroot), you can change BlueDragon to allow processing of CFML using another extension as well. In BlueDragon's config/default-built-in/rules.properties, simply duplicate the cfm file extension line to create a new entry for htm (or your choice): "*.htm=com.naryx.tagfusion.cfm.cfServlet". Again, do NOT use the cfc extension line as a model for a file extension to be processed as CFML pages.

Again, you need to restart the BlueDragon Server after making such changes.

If you need to hide CFML templates behind the .jsp extension (in Server JX, at least), there's a little extra work involved since Server JX (but not the free Server edition) already support JSPs (JavaServer Pages) using the .jsp extension.

Note that this is NOT about enabling CFML to run inside JSP pages (along with JSP code). It's simply about telling BlueDragon that you'll never be using JSP code and therefore want to use that extension for CFML pages instead.

In the BlueDragon file config/default/rules.properties, change the entry:

*.jsp=JSP10Servlet
to:
*.jsp=com.naryx.tagfusion.cfm.cfServlet

Note that you're telling BlueDragon to no longer hand JSPs to the JSP engine but instead to the CFML engine.

If you're using the built-in web server, you'll also need to change the file, config/default-built-in/rules.properties in the same way.

Again, after making these changes, restart BlueDragon Server.

---

All the steps above were for modifying BlueDragon Server and Server JX. If you're deploying BlueDragon in the .NET environment (using BlueDragon/.NET), the changes are slightly different.

In simple terms, there are just two changes needed, one in the IIS configuration and one in the relevant .NET config file(s) to map a new extension. Before proceeding, however, you must determine if your deployment of BlueDragon/.NET was done for all or some web sites, or for a single virtual directory, as this will influence where you make both kind of changes. (See the documentation, "Deploying CFML on ASP.NET Servers" for more information.

The change in IIS will be required in whatever web site or virtual directory in which BlueDragon has been mapped to process CFML files. Open the IIS Manager, select the given web site or virtual directory, choose "Properties", then "Home Directory", then "Configuration", and on the "mappings" tab locate the current mapping of CFM and CFML file extensions. Note that they will be configured to point to the aspnet_isap.dll (or more completely, c:\windows\microsoft.net\framework\v1.1.4322\aspnet_isapi.dll, when using the .NET 1.1 framework). This is the same executable as ASP.NET pages, as discussed in the BD/.NET documentation. (If the extensions are not pointing at the aspnet_isapi.dll, that would suggest that this web site/directory has not been configured to run CFML files against BD/.NET.)

To implement your new extension, copy the current extension mapping executable (for cfm files) to the clipboard. Note that in Windows XP, you must highlight the executable and right-click to copy it (rather than use the Ctrl-C keyboard shortcut). Then use the "add" button on that same mappings page to add your new extension, and paste the executable name. The BlueDragon installer de-selects the "check that file exists" option, so you may want to do that as well unless you know why you'd want it selected.

Repeat this process for whichever web sites and virtual directories you want to change. Also repeat it for which extensions you desire to implement.

It's not enough to simply change IIS. You must also change the .NET configuration files (which BlueDragon also had changed on installation), and again which file(s) to change will depend on how you installed BD/.NET. The product documentation explains how if you install to all or selected web sites, then it edits a central machine.config file. If you took the "single virtual directory" option during installation, then instead it has edited a web.config file in the directory you indicated.

Whichever you indicated, that is what you will want to change now. Open either file with any text editor (do NOT use WordPad, as it tends to improperly alter the file). Locate an entry that looks something like this:

<add verb="*" path="*.cfml" type="NewAtlanta.BlueDragon.CfmHttpHandler, BlueDragon, Version=6.2.0.0, Culture=neutral, PublicKeyToken=7551335de9fc3c36" validate="false" /<

Simply duplicate that entire entry to add another mapping, this one pointing the .htm extension (or your choice) to the cfmHttpHandler, as in:

<add verb="*" path="*.html" type="NewAtlanta.BlueDragon.CfmHttpHandler, BlueDragon, Version=6.2.0.0, Culture=neutral, PublicKeyToken=7551335de9fc3c36" validate="false" /<

Warning: be sure to use cfm file extension line as your model, and not the cfc line, if you're creating an extension to process pages as CFML. Also note that, as explained above, the .cfc extension cannot currently be changed to something else.

Save the file. Whenever you change the machine.config or web.config files, the .NET framework automatically unloads/restarts the affected web application.

It's worth noting that while it may be possible to map the ".aspx" extension to CFML, ASPX files are an inherent feature of .NET and doing so may have unexpected ramifications which we have not fully explored.

---

The steps in the first sections above were for modifying BlueDragon Server and Server JX. If you're deploying BlueDragon in the Java EE environment (using BlueDragon/JavaEE), the changes are slightly different (but in fact easier than above).

In the WEB-INF/web.xml file for your web app, locate the following entry:

<servlet-mapping>

<servlet-name>cfmServlet</servlet-name>
<url-pattern>*.cfm</url-pattern>
</servlet-mapping>

Simply duplicate that entire entry to add another mapping, this one pointing the .htm extension (or your choice) to the cfmServlet, as in:

<servlet-mapping>

<servlet-name>cfmServlet</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>

Warning: be sure to use cfm file extension line as your model, and not the cfc line, if you're creating an extension to process pages as CFML. Also note that, as explained above, the .cfc extension cannot currently be changed to something else.

Save the file, then redeploy the web application, or restart the Java EE server so that the web.xml is processed again.

It's worth noting that while it may be possible to map the ".jsp" extension to CFML, this may depend on the Java EE server. Since JSPs are inherent feature of Java EE servers, and there's not even a need to map the extension in the web.xml file for them to be processed, it may or may not work if you try to add a mapping pointing ".jsp" to BlueDragon's cfmServlet.

Author: Charlie Arehart
Last Updated: 5/23/2005 3:30 PM
Created: 5/20/2004