2

I tried to disable Script permission on a folder for uploads and realized if I don't remove the JWildCardHandler, I would get,

HTTP Error 403.1 - Forbidden

You have attempted to run a CGI, ISAPI, or other executable program from a directory that does not allow executables to run.

Would someone please explain what does JWildCardHandler do? Was it meant for handling some SEO-friendly URL? Why is it enabled by default? Wouldn't that mean requesting static files would also invoke this unnecessary handler?

The only plausible use-case I can think of is something like:

http://mydomain.com/index.cfm/something

Is this what something JWildCardHandler would handle? Thanks

Henry
  • 32,689
  • 19
  • 120
  • 221

1 Answers1

5

Would someone please explain what does JWildCardHandler do?

This is ColdFusion's catch-all handler for interpreting requests for ColdFusion pages.

Was it meant for handling some SEO-friendly URL? Why is it enabled by default?

If you have ColdFusion installed and have your site configured to use ColdFusion, this handler will be installed to catch those requests. It's not related to SEO.

Wouldn't that mean requesting static files would also invoke this unnecessary handler?

Considering that it's a catch-all and defined as an ISAPI filter, all requests will go through it.

Sumo
  • 4,066
  • 23
  • 40
  • Any idea why would CF need a catch-all handler if it was meant to only handle .cfc/.cfm/.cfml? – Henry Jun 26 '12 at 18:42
  • 2
    It's for the purposes of capturing requests that don't end in the typical extensions, but need to be handled by ColdFusion anyway like Flash Remoting. – Sumo Jun 26 '12 at 18:49