The forum operates in read-only mode. Please head to StackOverflow for support.

Wed, 08/12/2009 - 18:25

Joined: 12/08/2009

Posts: 1

ColdFusion connector XML "Access Denied" error

My site recently began throwing an error when I attempt to use the fck image selector (coming from the server). No code had changed, although the host company had recently applied a ColdFusion/FCKeditor patch for the known vulnerability. I first tried updating to the most recent stable version of the FCKeditor, but that has had no effect. My error is this:

XML request error: Access denied. (403)

Requested URL:
http://[mydomain]/admin/fckeditor/editor/filemanager/connectors/cfm/connector.cfm?Command=GetFoldersAndFiles&Type=Image&CurrentFolder=%2F&uuid=1250092856109

Response text:
<head><title>JRun Servlet Error</title></head><h1>403 </h1><body>
<pre>
Access denied.</pre></body>

Has anyone else run into this recently and been able to solve the problem? I tried making the permissions on the UserFiles directory & sub-directories wide open (which we obviously would not want to do long term), but that hasn't made any difference.

Thu, 08/13/2009 - 22:54

pauaware

Joined: 13/08/2009

Posts: 3

Re: ColdFusion connector XML "Access Denied" error

Getting this error too on CF8.01 ... did you solve it ?

Sat, 08/22/2009 - 22:24

codejockey

Joined: 22/08/2009

Posts: 2

Re: ColdFusion connector XML "Access Denied" error

I'm having the same problem on UplinkEarth with CF MX. Has anybody figured out a solution? UplinkEarth is no help whatsoever.

Wed, 08/26/2009 - 20:26

jasonholden

Joined: 26/08/2009

Posts: 1

Re: ColdFusion connector XML "Access Denied" error

If you've applied the FCKEditor vulnerability patch:
http://www.adobe.com/support/security/b ... 09-09.html

Add this to your JVM args in jvm.config:
-Dcoldfusion.fckupload=true

The updated JAR seems to have a built-in request filter for anything in a filemanager folder. I tested it by moving a simple CFM page up the directory tree until it worked.

CAREFUL about copying an pasting the required argument. Hidden carriage returns will cause CF to fail on startup.

Fri, 08/28/2009 - 18:02

codejockey

Joined: 22/08/2009

Posts: 2

Re: ColdFusion connector XML "Access Denied" error

I'm seriously doubting that my shared hosting environment will make that change. I wonder if I can rename the folder and modify the paths in the files...

Thanks very much for your response!

Mon, 09/14/2009 - 16:48

winterjunkie

Joined: 14/09/2009

Posts: 1

Re: ColdFusion connector XML "Access Denied" error

I'm having this problem on a shared hosting site as well. Did you find a solution?

Thu, 09/17/2009 - 06:13

pauaware

Joined: 13/08/2009

Posts: 3

Re: ColdFusion connector XML "Access Denied" error

Still looking for anyone who's solved this or can point towards what's causing the denial ... running local FCK 2.6.4.1 (no CKfinder) on CF 8.01 with the Adobe FCK 'hotfix' ... JRun Servlet Error / 403 persist

Thu, 09/17/2009 - 18:18

benthefolker

Joined: 17/09/2009

Posts: 1

Re: ColdFusion connector XML "Access Denied" error

I'm having the same issue. Has anyone found a fix?

Fri, 09/18/2009 - 02:37

pauaware

Joined: 13/08/2009

Posts: 3

Re: ColdFusion connector XML "Access Denied" error

Initial testing on our shared host shows that the 8.01 cumulative hotfix patch is blocking all references to /FCKEditor/. Try renaming your local /FCKEditor/ dir to /SomethingElse/ and then altering paths to point to new dir in your cfmodule calls. More when this is confirmed on multiple sites.