Hey guys!
I see that this has been resolved in Lucee 6.2+, but we have a client running 5.4.7.3 . Currently, we cannot move to 6 or 7 (we are looking to do it soon, though). Is there an easy way to fix this across multiple servers? We have written a function to set cookies correctly, but we would love to fix it globally per server so we can continue using cfcookie.
NOTE: This is an internal-facing server only.
OS : AMAZON LINUX
Java Version : 1.8.0_392
Tomcat Version : 8.5.23
Lucee Version : 5.4.7.3
1 Like
FYI: I know development is done with 5.4.. . I was just hoping we could make a quick change like the one made to the 6.2 code.
1 Like
yeah, that’s a serious regression due to what I believe is a recent change by cloudflare
I’ve backported this fix to 5.4.8.2-SNAPSHOT (building now)
https://luceeserver.atlassian.net/browse/LDEV-4314?focusedCommentId=61632
Previous changes since 5.4.7.3 stable are
5.4.8.1
add checks to ignore update attempts to lucee 7 which have a loader change (rather than crashing after updates)
5.4.8.0
adds filtering to extensions to hide incompatible newer, i.e. Lucee 7 only extensions from the admin
As this is a minor backported change, after some quick feedback, I’ll drop a new stable 5.4.8 LTS release
update
Due to some tech debt, 5.4 won’t show such older snapshots (it’s limited to the last 400 snapshots), so I’m publishing this as 5.4.8.2-RC
2 Likes
Thanks, @Zackster ! It’s fully deployed and running perfectly. I’ll drop an update in a few days. FYI: The cookie expires issue is working perfectly.
1 Like
@Zackster 48 hours later, and no issues with 5.4.8.2-RC. 386,900 pages processed, and the logs look great. CloudFlare cookie issue 100% resolved
3 Likes
@wwilliams Thanks for reporting this as I hadn’t even noticed how my cookies were being impacted and @Zackster thanks for the super quick backport!
This fix is included in the 6.2.2.54-RC release candidate
Hey everyone, we just published the final release candidate for 6.2.2
This is a minor release, focussed on addressing bugs and improving stability.
[image]
Please try out this build and let us know both if it’s all good and working for you, or if you find any issues we need to address.
Important Changes
Cookie timestamps are now in GMT not UTC, to avoid issues with Cloudflare downgrading cookies to session cookies LDEV-4314
LUCEE_DATETIMEFORMAT_MODE support for using old Lucee 5 behaviour …
and the 5.4.8.2 Stable LTS Release
This is a minor LTS release, performance wise, it’s really worth upgrading to Lucee 6.2 which will be our next LTS release.
[image]
Changelog
https://download.lucee.org/changelog/?version=5.4
Cookie timestamps are now in GMT not UTC, to avoid issues with Cloudflare downgrading cookies to session cookies LDEV-4314
Lucee admin will only show supported extensions, Lucee 6 or 7 extensions are hidden
Supporting Lucee
Just like your favourite Podcasters and Youtubers, we need your financial sup…