Merge branch 'p720'

Author: justincarter

Application.cfc

@@ -27,8 +27,13 @@
 	<cfif structKeyExists(url, "furl") AND url.furl EQ "/pingFU">				
 		<cfcontent type="text/plain" variable="#ToBinary( ToBase64('PING FU SUCCESS') )#" reset="Yes">
 	</cfif>
-	
-	
+
+	<!--- healthcheck live endpoint --->
+	<cfif structKeyExists(url, "furl") AND url.furl eq "/healthcheck/live">
+		<cfset healthcheckLive()>
+	</cfif>
+
+
 	<!--- run the active project's constructor --->
 	<cfset this.projectConstructorLocation = getProjectConstructorLocation(plugin="webtop") />
 	<cfinclude template="#this.projectConstructorLocation#" />
@@ -114,11 +119,11 @@
 		<cfparam name="cookie.hasSessionScope" default="false" />
 
 		<cfif NOT isBoolean(cookie.sessionScopeTested)>
-			<cfset cookie.sessionScopeTested = false>
+			<cfcookie name="sessionScopeTested" value="false" expires="never" httpOnly="true" />
 		</cfif>
 
 		<cfif NOT isBoolean(cookie.hasSessionScope)>
-			<cfset cookie.hasSessionScope = false>
+			<cfcookie name="hasSessionScope" value="false" httpOnly="true">
 		</cfif>
 
 		<cfif not len(cgi.http_user_agent) or (cookie.sessionScopeTested and not cookie.hasSessionScope) or reFindAny(this.botAgents,lcase(cgi.HTTP_USER_AGENT)) or arrayFind(this.botIPs,cgi.remote_addr)>
@@ -127,8 +132,8 @@
 
 			<cfif not cookie.sessionScopeTested>
 				<cftry>
-					<cfcookie name="sessionScopeTested" value="true" expires="never" />
-					<cfcookie name="hasSessionScope" value="false" expires="never" />
+					<cfcookie name="sessionScopeTested" value="true" expires="never" httpOnly="true" />
+					<cfcookie name="hasSessionScope" value="false" expires="never" httpOnly="true" />
 					<cfcatch></cfcatch>
 				</cftry>
 			</cfif>
@@ -137,8 +142,8 @@
 
 			<cfif not cookie.sessionScopeTested><!--- Sessions are OK for this user, set the cookie --->
 				<cftry>
-					<cfcookie name="sessionScopeTested" value="true" expires="never" />
-					<cfcookie name="hasSessionScope" value="true" expires="never" />
+					<cfcookie name="sessionScopeTested" value="true" expires="never" httpOnly="true" />
+					<cfcookie name="hasSessionScope" value="true" expires="never" httpOnly="true" />
 					<cfcatch></cfcatch>
 				</cftry>
 			</cfif>
@@ -246,8 +251,35 @@
 
 		<cfreturn false />
 	</cffunction>
-	
-	
+
+
+	<cffunction name="healthcheckReady" output="false">
+		<!---
+			readiness indicates that the application has been initialised and is ready to handle requests
+			(e.g. ready to be brought into a load balancer)
+		--->
+		<!--- test the application --->
+		<cfif NOT structKeyExists(application, "bInit") OR application.bInit eq false>
+			<cfheader statuscode="503" statustext="Unavailable: Application has not started">
+			<cfabort>
+		</cfif>
+
+		<!--- return a 200 OK --->
+		<cfheader statuscode="200" statustext="OK">
+		<cfabort>
+	</cffunction>
+
+	<cffunction name="healthcheckLive" output="false">
+		<!---
+			liveness indicates that the application is in a healthy, live state (and the JVM is healthy)
+			failing this test means that the application server may need to be restarted
+		--->
+		<!--- return a 200 OK --->
+		<cfheader statuscode="200" statustext="OK">
+		<cfabort>
+	</cffunction>
+
+
 	<cffunction name="OnApplicationStart" access="public" returntype="boolean" output="false" hint="Fires when the application is first created.">
 
 		<cfset var qServerSpecific = queryNew("blah") />
@@ -420,6 +452,18 @@
 	<cffunction name="OnRequestStart" access="public" returntype="boolean" output="false" hint="Fires at first part of page processing.">
 		<cfargument name="TargetPage" type="string" required="true" />
 
+		<!--- healthcheck ready endpoint --->
+		<cfif structKeyExists(url, "furl") AND url.furl eq "/healthcheck/ready">				
+			<cfset healthcheckReady()>
+		</cfif>
+
+		<!--- block requests to /farcry paths with the exception of webtop --->
+		<cfif left(cgi.script_name, 7) eq "/farcry" AND NOT left(cgi.script_name, len(application.url.webtop)) eq application.url.webtop>
+			<cfset oError = createobject("component","farcry.core.packages.lib.error") />
+			<cfset oError.showErrorPage("404 Page missing",oError.create404Error("Bad request")) />
+			<cfabort />
+		</cfif>
+
 		<!--- If a session switch was requested, do that now --->
 		<cfif structKeyExists(url, "switchsession")>
 			<cfset application.fc.lib.session.switchSession(url.switchsession) />
@@ -462,7 +506,7 @@
 		<cfif not listcontains(server.stFarcryProjects[application.projectDirectoryName].domains,cgi.http_host)>
 			<cfset server.stFarcryProjects[application.projectDirectoryName].domains = listappend(server.stFarcryProjects[application.projectDirectoryName].domains,cgi.http_host) />
 		</cfif>
-		<cfset cookie.currentFarcryProject = application.projectDirectoryName />	
+		<cfcookie name="currentFarcryProject" value="#application.projectDirectoryName#" httpOnly="true">	
 
 		<!--- Checks to see if the user has attempted to flick over to administrate a different project on this server. --->		
 		<cfif 	structKeyExists(url, "farcryProject") 
@@ -535,7 +579,9 @@
 		<cfset var oError = "" />
 
 		<!--- increase the request timeout a little, in case the error was caused by a request timeout --->
-		<cfif structkeyexists(server,"railo")>
+		<cfif structkeyexists(server,"lucee")>
+			<cfsetting requesttimeout="#getPageContext().getRequestTimeout() + 10000#" />
+		<cfelseif structkeyexists(server,"railo")>
 			<cfsetting requesttimeout="#getPageContext().getRequestTimeout() + 10000#" />
 		<cfelseif structkeyexists(server,"coldfusion")>
 			<cfsetting requesttimeout="#CreateObject("java", "coldfusion.runtime.RequestMonitor").GetRequestTimeout() + 10#" />
@@ -756,7 +802,7 @@
 			<!--- If all else fails... --->
 			<!--- 1. See if the user has a cookie telling us what project to look at. --->
 			<cfif structKeyExists(url, "farcryProject") AND len(url.farcryProject)>
-				<cfset cookie.currentFarcryProject = url.farcryProject />
+				<cfcookie name="currentFarcryProject" value="#url.farcryProject#" httpOnly="true">
 			</cfif>
 			<cfif arguments.plugin EQ "webtop" AND structKeyExists(cookie, "currentFarcryProject")>
 				<cfif fileExists(expandPath("/#currentFarcryProject#/farcryConstructor.#arguments.fileExtension#"))>

packages/cdn/local.cfc

@@ -276,18 +276,18 @@
 	<cffunction name="ioGetDirectoryListing" returntype="query" access="public" output="false" hint="Returns a query of the directory containing a 'file' column only. This filename will be equivilent to what is passed into other CDN functions.">
 		<cfargument name="config" type="struct" required="true" />
 		<cfargument name="dir" type="string" required="true" />
+		<cfargument name="listinfo" type="string" required="false" default="name" hint="name or all" />
 
 		<cfset var qDir = "" />
 
-		<cfdirectory action="list" directory="#getFullPath(config=arguments.config,file=arguments.dir)#" recurse="true" type="file" listinfo="name" name="qDir" />
+		<cfdirectory action="list" directory="#getFullPath(config=arguments.config,file=arguments.dir)#" recurse="true" type="file" listinfo="#arguments.listinfo#" name="qDir" sort="name" />
 
 		<cfquery dbtype="query" name="qDir">
-			SELECT 		'#arguments.dir#/' + name AS file 
+			SELECT 		'#arguments.dir#/' + name AS file, *
 			FROM 		qDir 
 			WHERE		not name like '%/.%'
-			ORDER BY 	name
 		</cfquery>
-		
+
 		<cfreturn qDir />
 	</cffunction>