Have you ever had the need to use a label control, but you don’t need the span tag that the control automatically wraps around the text? Switch your control over to the Literal control instead. It serves the same general purpose as the label control, but will not wrap your output in those pesky span tags.

 C# | 
 copy code |
?
 
1
2
<asp:literal text="Some random value" runat="server" id="myControl"></asp:literal>
3

You can then use your normal server side code to the change the value, just as you would the label control:

 C# | 
 copy code |
?
 
1
2
myControl.Text = "My new random value"
3

This is just a quick note that Adobe has released the public beta versions of ColdFusion 9 and the new ColdFusion Builder. Download links are below. I would also like to point out that while you try these versions out, please report any bugs you find to Adobe. This will benefit them by allowing them to address the issues and it will benefit the community as a whole, as in the end it makes for a better more stable product.

Download ColdFusion 9 Beta

Download ColdFusion Builder Beta

Adobe has just released the hotfix for the FCKEditor security issue. You can read about and download the hotfix directly from Adobe.

A summary of the potential exploit taken from the Adobe security bulletin:

A vulnerability in FCKEditor, which is included as part of ColdFusion 8, could allow a remote attacker to upload files in arbitrary directories which could lead to a system compromise. This hotfix updates the version of FCKEditor included with ColdFusion 8, turns off file upload capabilities by default, restricts access to cfm files in the FCKeditor\editor\filenamanger directory, and limits file upload capabilities to users with valid sessions. This issue is remotely exploitable. There are reports that this issue is being exploited in the wild.

Last night Google dropped some very big news to the world: Google Chrome OS. Yes, you heard that right, Google will be releasing a new operating system. From the small details that were revealed, the OS will be based on a Linux kernel and will first be targeted to netbooks and will be open source. Google is already working with hardware vendors and claim you will be able to purchase a netbook powered by Google Chrome OS sometime in 2010.

The interesting piece of this news is the OS will be built in a way that most of the user experience will take place over the web. So according to Google your apps that run on the new OS will also be able to be used on any of standards compliant web browsers. I was surprised at this news as I am sure some other makers out there were as well.

You can read the full post from Google on their blog.

While reading through some of the ColdFusion blogs the last couple of days, I think one issue has been missed: The security vulnerability in FCKEditor exists outside of ColdFusion. In other words, if you are using the FCKEditor tool outside of ColdFusion, or your ColdFusion site uses the stand alone version (and not the embedded version with ColdFusion), this issue can leave your site open to an attack. The major error on Adobe’s part seems to be that the 8.0.1 updater introduced this issue by enabling uploads in the file upload connector. The embedded version of this editor in ColdFusion does not allow file uploads, so this feature should be disabled.

For those of you who own or maintain sites that use Authorize.NET to process transactions, you may have noticed a severe outage of the service over the weekend. Twitter was abuzz with the issues that according to the folks at Authorize.Net was due to a fire at their main data center. Apparantly this affected all of the company’s systems, even their backup systems. Whatever happened to someone making sure their was not a single point of failure?