Your ColdFusion applications must meet specific compilation requirements before you can submit them for scanning.
See Supported Languages and Platforms for instructions for other platforms.
- All binary executables
- All required libraries
- The complete debug information for the application
Supported ColdFusion Versions
|ColdFusion||Deployed as Java||7, 8, 9, 10, 11||7, 8, 9, 10, 11 (cfcompile.exe)|
- Compile the ColdFusion code into Java.
- Build a Java Web Archive (WAR) file for uploading to Veracode.
"c:\coldfusion8\bin\cfcompile" -deploy c:\mycfwebroot c:\mycfapp c:\mycfappbinThis sample command compiles all CFML files in c:\mycfapp and places them in c:\mycfappbin.
Building the compiled ColdFusion application into a WAR file ensures that Veracode has the proper context for analyzing your application. To build a WAR file for deployment on an application server:
- Log in to ColdFusion Administrator.
- Choose .
- Add a new archive of type WAR. The application directory is the location of the compiled application, for example: c:\mycfappbin.
- Place the finished WAR archive in the distribution directory.
- Add any related data sources.
- Clear the Include CFML Source checkbox.
- Clear the Include CF Administratorcheckbox.
- Clear the Disable Debugging checkbox.
- Submit and wait for the WAR packaging to complete.
The resulting WAR file might be large, at least 100 MB.
- Upload the resulting WAR file to Veracode.