cfhttp
Description
Generates an HTTP request and handles the response from the server.
Categories
Related
History
ColdFusion
8: Added the clientCert and clientCertPassword attributes.
ColdFusion
MX 7.01: Added the “never” value of the getAsBinary attribute.
ColdFusion
MX 7: Added the result attribute, which allows
you to specify an alternate variable in which to receive a result.
ColdFusion
MX 6.1:
Added support for the following methods: HEAD,
PUT, DELETE, OPTIONS, TRACE.
Added multipart, getAsBinary, proxyUser,
and proxyPassword attributes.
Changed httpparam behavior: all operations
can have httpparam tags.
Added the cfhttp.errorDetail return variable.
Modified response body content types considered to be text.
Changed behavior for multiple headers: multiple headers of
the same type are returned in an array.
Added support for HTTPS proxy tunneling.
Fixed bugs in code and documentation.
ColdFusion
MX:
Added the charset and firstrowasheaders attributes.
Changed Secure Sockets Layer (SSL) support: ColdFusion uses
the Sun JSSE library, which supports 128-bit encryption, to support
SSL.
Syntax
<cfhttp
url = "server URL"
charset = "character encoding"
clientCert = "filename"
clientCertPassword = "password"
columns = "query columns"
delimiter = "character"
file = "filename"
firstrowasheaders = "yes|no"
getAsBinary = "auto|yes|no|never"
method = "method name"
multipart = "yes|no"
name = "query name"
password = "password"
path = "path"
port = "port number"
proxyServer = "host name"
proxyPort = "port number"
proxyUser = "username"
proxyPassword = "password"
redirect = "yes|no"
resolveURL = "yes|no"
result = "result name"
textQualifier = "character"
throwOnError = "yes|no"
timeout = "time-out period in seconds"
username = "username"
userAgent = "user agent">
cfhttpparam tags [optional for some methods]
</cfhttp>
Note: You can specify
this tag’s attributes in an attributeCollection attribute
whose value is a structure. Specify the structure name in the attributeCollection attribute
and use the tag’s attribute names as structure keys.
Attributes
| Attribute | Description | Required | Default |
|---|---|---|---|
| charset | The character encoding of the request, including the URL query string and form or file data, and the response. The following list includes commonly used values: utf-8 iso-8859-1 windows-1252 us-ascii shift_jis iso-2022-jp euc-jp euc-kr big5 euc-cn utf-16 For more information character encodings, see www.w3.org/International/O-charset.html. | Optional | For request: UTF-8 For response: charset specified by response Content- Type header, or UTF-8 if response does not specify charset. |
| clientCert | The full path to a PKCS12 format file that contains the client certificate for the request. | Optional | |
| clientCertPassword | Password used to decrypt the client certificate. | Optional | |
| columns | The column names for the query, separated by commas, with no spaces. Column names must start with a letter. The remaining characters can be letters, numbers, or underscore characters (_). If there are no column name headers in the response, specify this attribute to identify the column names. If you specify this attribute, and the firstrowasHeader attribute is True (the default), the column names specified by this attribute replace the first line of the response. You can use this behavior to replace the column names retrieved by the request with your own names. If a duplicate column heading is encountered in either this attribute or in the column names from the response, ColdFusion appends an underscore to the name to make it unique. If the number of columns specified by this attribute does not equal the number of columns in the HTTP response body, ColdFusion generates an error. | Optional | First row of response contains column names. |
| delimiter | A character that separates query columns. The response body must use this character to separate the query columns. | Optional | , (comma) |
| file | Name of the file in which to store the response body. For a GET operation, the default is the file requested in the URL, if there is one. For example, if the URL in a GET method is http:www.myco.com/test.htm, the default file is test.htm. Do not specify the path to the directory in this attribute; use the path attribute. | Required if path is specified and not a GET method | See Description |
| firstrowasheaders | Determines how ColdFusion processes the first row of the query record set: yes: processes the first row as column heads. If you specify a columns attribute, ColdFusion ignores the first row of the file. no: processes the first row as data. If you do not specify a columns attribute, ColdFusion generates column names by appending numbers to the word "column"; for example, "column_1". | Optional | yes |
| getAsBinary | no: if ColdFusion does not recognize the response body type as text, converts it to a ColdFusion object. auto: if ColdFusion does not recognize the response body type as text, converts it to ColdFusion Binary type data. yes: always converts the response body content into ColdFusion Binary type data, even if ColdFusion recognizes the response body type as text. never: prevents the automatic conversion of certain MIME types to the ColdFusion Binary type data; treats the returned content as text. ColdFusion recognizes the response body as text if: the header does not specify a content type. the content type starts with "text". the content type starts with "message". the content type is "application/octet-stream". If ColdFusion does not recognize the body as text and converts it to an object, but the body consists of text, the cfoutput tag can display it. The cfoutput tag cannot display Binary type data. (To convert binary data to text, use the ToString function.) | Optional | no |
| method | GET: requests information from the server. Any data that the server requires to identify the requested information must be in the URL or in cfhttptype="URL" tags. POST: sends information to the server for processing. Requires one or more cfhttpparam tags. Often used for submitting form-like data. PUT: requests the server to store the message body at the specified URL. Use this method to send files to the server. DELETE: requests the server to delete the specified URL. HEAD: identical to the GET method, but the server does not send a message body in the response. Use this method for testing hypertext links for validity and accessibility, determining the type or modification time of a document, or determining the type of server. TRACE: requests that the server echo the received HTTP headers back to the sender in the response body. Trace requests cannot have bodies. This method enables the ColdFusion application to see what is being received at the server, and use that data for testing or diagnostic information. OPTIONS: a request for information about the communication options available for the server or the specified URL. This method enables the ColdFusion application to determine the options and requirements associated with a URL, or the capabilities of a server, without requesting any additional activity by the server. | Optional | GET |
| multipart | Tells ColdFusion to send all data specified by cfhttpparam type="formField" tags as multipart form data, with a Content-Type of multipart/form-data. By default, ColdFusion sends cfhttp requests that contain only formField data with a Content Type of application/x-www-form-urlencoded. (If the request also includes File type data, ColdFusion uses the multipart/form-data content type for all parts.) If yes, ColdFusion also sends the request’s charset in each Content-Type description. All form field data must be encoded in this character encoding, and ColdFusion does not URLEncode the data. (The field name must be in ISO-88591-1 or ASCII.) Some http parsers, including the one used by previous versions of ColdFusion, ignore the multipart form field character encoding description. | Optional | no (Sends as multipart only if request includes File type data.) |
| multipartType | Allows you to set the multipart header field to related or form-data. By default, the value is form-data. | Optional | form-data |
| name | Tells ColdFusion to create a query object with the given name from the returned HTTP response body. | Optional | |
| password | Use to pass a password to the target URL for Basic Authentication. Combined with username to form a base64 encoded string that is passed in the Authenticate header. Does not provide support for Integrated Windows, NTLM, or Kerebos authentication. | Optional | |
| path | Tells ColdFusion to save the HTTP response body in a file. Contains the absolute path to the directory in which to store the file. | Required if file is specified. | |
| port | Port number on the server to which to send the request. A port value in the url attribute overrides this value. | Optional | 80 for http 443 for https |
| proxyPassword | Password to provide to the proxy server. | Optional | |
| proxyPort | Port number to use on the proxy server. | Optional | 80 |
| proxyServer | Host name or IP address of a proxy server to which to send the request. | Optional | |
| proxyUser | User name to provide to the proxy server. | Optional | |
| redirect | If the response header includes a Location field AND ColdFusion receives a 300-series (redirection) status code, specifies whether to redirect execution to the URL specified in the field: yes: redirects execution to the specified page. no: stops execution and returns the response information in the cfhttp variable, or throws an error if the throwOnError attribute is True. The cfhttp.responseHeader.Location variable contains the redirection path. ColdFusion follows a maximum of four redirects on a request. If there are more, ColdFusion functions as if redirect = "no". Note: The cflocation tag generates an HTTP 302 response with the url attribute as the Location header value. | Optional | yes |
| resolveURL | no: does not resolve URLs in the response body. As a result, any relative URL links in the response body do not work. yes: resolves URLs in the response body to absolute URLs, including the port number, so that links in a retrieved page remain functional. Applies to these HTML tags: img src a href form action applet code script src embed src embed pluginspace body background frame src bgsound src object data object classid object codebase object usemap Does not resolve URLs if the file and path attributes are used. | Optional | no |
| result | Specifies the name of the variable in which you want the result returned. | Optional | |
| textQualifier | A character that, optionally, specifies the start and end of a text column. This character must surround any text fields in the response body that contain the delimiter character as part of the field value. To include this character in column text, escape it by using two characters in place of one. For example, if the qualifier is a double-quotation mark, escape it as "". | Optional | " [double-quotation mark] |
| throwOnError | yes: if the server returns an error response code, throws an exception that can be caught using the cftry and cfcatch or ColdFusion error pages. no: does not throw an exception if an error response is returned. In this case, your application can use the cfhttp.StatusCode variable to determine if there was an error and its cause. | Optional | no |
| timeout | Value, in seconds, that is the maximum time the request can take. If the time-out passes without a response, ColdFusion considers the request to have failed. If the client specifies a time-out in the URL search parameter (for example, ?RequestTime=120) ColdFusion uses the lesser of the URL time-out and the timeout attribute value; this ensures that the request times out before, or at the same time as, the page. If the URL does not specify a time-out, ColdFusion uses the lesser of the Administrator time-out and the timeout attribute value. If the time-out is not set in any of these, ColdFusion waits indefinitely for the cfhttp request to process. | Optional | |
| url | Address of the resource on the server that handles the request. The URL must include the hostname or IP address. If you do not specify the transaction protocol (http:// or https://), ColdFusion uses the default protocol, http. If you specify a port number in this attribute, it overrides any port attribute value. The cfhttpparam tag URL attribute appends query string attribute-value pairs to the URL. | Required | Uses the http protocol |
| userAgent | Text to put in the user agent request header. Used to identify the request client software. Can make the ColdFusion application appear to be a browser. | Optional | ColdFusion |
| username | Use to pass a user name to the target URL for Basic Authentication. Combined with password to form a base64 encoded string that is passed in the Authenticate header. Does not provide support for Integrated Windows, NTLM, or Kerberos authentication. | Optional |
Usage
The cfhttp tag is a general-purpose tool for creating HTTP requests and handling the returned results. It enables you to generate most standard HTTP request types. You use embedded cfhttpparam tags to specify request headers and body content.
When ColdFusion receives a response to a cfhttp request, it can put the response body (if any) in a file or the cfhttp.FileContent string variable. If the body text is structured as a result set, ColdFusion can put the body text in query object. You can also access the values of all returned headers and specify how to handle error status and redirections, and specify a time-out to prevent requests from hanging.
The HTTP protocol is the backbone of the World Wide Web and is used for every web transaction. Because the cfhttp tag can generate most types of requests, it provides significant flexibility. Possible uses include:
Interacting with dynamic web sites and services that are not available as web services. (Use the cfinvoke tag to access SOAP web services.)
Getting the contents of an HTML page or other file such as an image on a web server for use in your CFML page or storage in a file.
Sending a secure request to a server by specifying the https protocol in the url attribute.
Using the POST method to send a multipart/form-data style post to any URL that can handle such data and return results, including CGI executables or even other ColdFusion pages.
Using the PUT method to upload files to a server that does not accept FTP requests.
This tag can, and for PUT and POST requests must, have a body that contains cfhttpparam tags. If this tag has cfhttpparam tags, it must have a </cfhttp> end tag.
To use HTTPS with the cfhttp tag, you might need to manually import the certificate for each web server into the keystore for the JRE that ColdFusion uses. This procedure should not be necessary if the certificate is signed (issued) by an authority that the JSSE (Java Secure Sockets Extension) recognizes (for example, Verisign); that is, if the signing authority is in the cacerts already. However, you might need to use the procedure if you are issuing SSL (secure sockets layer) certificates yourself.
When ColdFusion receives a response to a cfhttp request, it can put the response body (if any) in a file or the cfhttp.FileContent string variable. If the body text is structured as a result set, ColdFusion can put the body text in query object. You can also access the values of all returned headers and specify how to handle error status and redirections, and specify a time-out to prevent requests from hanging.
The HTTP protocol is the backbone of the World Wide Web and is used for every web transaction. Because the cfhttp tag can generate most types of requests, it provides significant flexibility. Possible uses include:
Interacting with dynamic web sites and services that are not available as web services. (Use the cfinvoke tag to access SOAP web services.)
Getting the contents of an HTML page or other file such as an image on a web server for use in your CFML page or storage in a file.
Sending a secure request to a server by specifying the https protocol in the url attribute.
Using the POST method to send a multipart/form-data style post to any URL that can handle such data and return results, including CGI executables or even other ColdFusion pages.
Using the PUT method to upload files to a server that does not accept FTP requests.
This tag can, and for PUT and POST requests must, have a body that contains cfhttpparam tags. If this tag has cfhttpparam tags, it must have a </cfhttp> end tag.
To use HTTPS with the cfhttp tag, you might need to manually import the certificate for each web server into the keystore for the JRE that ColdFusion uses. This procedure should not be necessary if the certificate is signed (issued) by an authority that the JSSE (Java Secure Sockets Extension) recognizes (for example, Verisign); that is, if the signing authority is in the cacerts already. However, you might need to use the procedure if you are issuing SSL (secure sockets layer) certificates yourself.
Example
<!--- This example displays the information provided by
the Designer & Developer Center XML feed,
http://www.adobe.com/devnet/resources/_resources.xml
See http://www.adobe.com/devnet/articles/xml_resource_feed.html
for more information on this feed. --->
<!--- Set the URL address. --->
<cfset urlAddress="http://www.adobe.com/devnet/resources/_resources.xml">
<!--- Use the CFHTTP tag to get the file content represented by urladdress.
Note that />, not an end tag, terminates this tag. --->
<cfhttp url="#urladdress#" method="GET" resolveurl="Yes" throwOnError="Yes"/>
<!--- Parse the XML and output a list of resources. --->
<cfset xmlDoc = XmlParse(CFHTTP.FileContent)>
<!--- Get the array of resource elements, the xmlChildren of the xmlroot. --->
<cfset resources=xmlDoc.xmlroot.xmlChildren>
<cfset numresources=ArrayLen(resources)>
<cfloop index="i" from="1" to="#numresources#">
<cfset item=resources[i]>
<cfoutput>
<strong><a href=#item.url.xmltext#>#item.title.xmltext#</strong></a><br>
<strong>Author</strong> #item.author.xmltext#<br>
<strong>Applies to these products</strong><br>
<cfloop index="i" from="4" to="#arraylen(item.xmlChildren)#">
#item.xmlChildren[i].xmlAttributes.Name#<br>
</cfloop>
<br>
</cfoutput>
</cfloop>