Overview
This article can be followed to implement basic ColdFusion “onMissingTemplate” and “onError” handling within your web application. Error handling is vital for any web application and should be implemented on every production website. ColdFusion gives you the ability to easily implement error handling within your application and allows you to determine how a web application responds to certain error types. Error handling allows you to control what exactly a visitor sees when an error is generated on your website. You should never allow a visitor to see robust exception information on your public facing web application. Robust error information could expose portions of your code base that is meant to be private any may lead to unintentional information disclosure. By default, we have Robust Exception Information disabled at the server level on our servers.
ColdFusion Error Handling
The below example can be utilized to implement a “onError” and “onMissingTemplate” function within your website’s Application.cfc file:
Please note: If your web application is relying on an Application.cfm file you will need to convert it to an Application.cfc file in order to utilize the onError & onMissingTemplate handling function within ColdFusion. By default, if both an Application.cfc file and Application.cfm file exist within a ColdFusion application the Application.cfc will run first and the Application.cfm file will be completely ignored.
Please refer to our community article on how to convert an Application.cfm to an Application.cfc file if the above note applies to you.
<cfcomponent>
<cfset This.name = "TestAppHere">
<cfset This.LogPath = expandPath("error.log")> <!--- You will need to be sure that your ColdFusion runtime user has permission to write to this log file. --->
<cfset This.ErrorTemplateNotFound = "404.cfm"> <!--- Replace this reference with an Error template of your choice. --->
<cfset This.ErrorTemplate = "500.cfm"> <!--- Replace this reference with an Error template of your choice. --->
<!--- 404 error handler --->
<cffunction name="onMissingTemplate" returnType="boolean">
<cfargument type="string" name="targetPage" required=true/>
<cftry>
<cfheader
statusCode = "404"
statusText = "Page Not Found"
>
<!--- Retrieving 404 ErrorHandler from Application scope --->
<cflock timeout="5" scope="application">
<cfset ErrorTemplateNotFound = This.ErrorTemplateNotFound>
</cflock>
<!--- Include custom 404 page --->
<cfinclude template = "#ErrorTemplateNotFound#">
<!--- return true to prevent the default ColdFusion error handler from running --->
<cfreturn true />
<cfcatch>
<!--- If an error occurs within the error handler routine, allow ColdFusion's default error handler to run --->
<cfreturn false />
</cfcatch>
</cftry>
</cffunction>
<!--- Handle script related / 500 errors --->
<cffunction name="onError">
<cfargument name="Except" required=true/>
<cfargument type="String" name = "EventName" required=true/>
<!--- Throw validation errors to ColdFusion for handling. --->
<cfif Find("coldfusion.filter.FormValidationException", Arguments.Except.StackTrace)>
<cfthrow object="#except#">
<cfelse>
<cftry>
<cfheader
statusCode = "500"
statusText = "Internal Server Error"
>
<!--- Log all errors in specific log file. --->
<cfset NewLine = chr(13) & chr(10)>
<cfset ErrorMessage = "Event: #Eventname##NewLine#Error: #Except.Message##NewLine#">
<!--- retrieve the log path from the application scope --->
<cflock timeout="5" scope="application">
<cfset logPath = This.LogPath>
</cflock>
<cffile
action = "append"
file = "#logPath#"
output = "#ErrorMessage#"
>
<!--- Run any application specific error handling code and include "500.cfm" template. --->
<!--- Retrieving ErrorTemplate handler from Application scope --->
<cflock timeout="5" scope="application">
<cfset ErrorTemplate = This.ErrorTemplate>
</cflock>
<!--- Include error handling template for 500 errors to show the visitor --->
<cfinclude template = "#ErrorTemplate#">
<!--- If an error occurs within the error handler, the cfcatch routine will run. In that case, we will return a custom error to the user. This should only happen if there is a permissions problem writing to the log or the error template does not exist. --->
<cfcatch>
<cfthrow message="An error has occured. Additionally, an error was encountered when processing the site's error handling routine. <br><br> #cfcatch.message#">
</cfcatch>
</cftry>
</cfif>
</cffunction>
</cfcomponent>
Beginning in ColdFusion 8 and above, there are now methods of handling 404 errors and 500 errors through two separate functions in the Application.cfc. The ‘onMissingTemplate’ function is used to handle 404 errors and the ‘onError’ function is used to handle 500 errors.
In the above example, there are two application variables that determine in what file 500 errors are logged and which page to display to the user when an error occurs:
<cfset This.LogPath = expandPath("error.log")> <!--- You will need to be sure that your ColdFusion runtime user has permission to write to this log file. --->
<cfset This.ErrorTemplateNotFound = "404.cfm"> <!--- Replace this reference with an Error template for 404 not found errors of your choice. --->
<cfset This.ErrorTemplate = "500.cfm"> <!--- Replace this reference with an Error template for 500 errors of your choice. --->
Also, it should be noted that any errors caught by the above error handling will be written to the error log file you define rather than the server’s ColdFusion logs. You can set the above file name attributes to whatever file names you prefer.
Congratulations! You have implemented your first “onError” and “onMissingTemplate” functions within your ColdFusion application. If you have any questions for our support team concerning error handling please feel free to reach out to us via a support ticket. Please view our article on submitting a ticket if necessary.