ColdFusion incompatible with XFN?

ColdFusion has a problem dealing with XFN. When using ColdFusion client side validation invoked by <cfinput required="yes" />. ColdFusion should generate JavaScript to validate the form on submission. This typically should be between in the <head /> somewhere. When using the profile attribute of the head tag <head profile="http://gmpg.org/xfn/11" > for XFN, ColdFusion apparently doesn’t detect a <head /> tag, and therefore dumps the contents above the <html> tag. This is wrong for two reasons:

  1. profile is a valid attribute for the <head> tag [HTML4 7.4.1]
  2. The <script/> is allowed in the <head> or <body>. If the <head> does not exist, it should likely default to the top of the body tag as a second choice [HTML4 18.2.1]

Sample code to illustrate bug:

< !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!– with the profile attribute –>
<head profile="http://gmpg.org/xfn/11">
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Show Bug</title>
</head>
<body>
<cfform action="null">
    <cfinput type="text" name="foo" required="yes" message="this page has the bug" />
    <input type="submit" name="do_submit" value="Submit" />
</cfform>
</body>
</html>

Does not show the bug:

Notice no profile="" in the <head> tag.

< !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!– now without the profile attribute –>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Show Bug</title>
</head>
<body>
<cfform action="null">
    <cfinput type="text" name="foo" required="yes" message="this page has the bug" />
    <input type="submit" name="do_submit" value="Submit" />
</cfform>
</body>
</html>

Ideally, ColdFusion would sniff the DOCTYPE and generate the appropriate output, for it’s JavaScript in XHTML using a CDATA.

<script type="text/javascript">
< ![CDATA[
… unescaped script content …
]]>
</script>

but perhaps that’s asking to much.

FYI the server that demonstrated this is running:

server.ColdFusion.ProductLevel = Enterprise
server.ColdFusion.ProductName = ColdFusion Server
server.ColdFusion.ProductVersion = 7,0,0,91690
server.OS.AdditionalInformation =
server.OS.BuildNumber =
server.OS.Name = Windows 2003
server.OS.Version = 5.2

Leave a Reply

Your email address will not be published. Required fields are marked *