ColdFusion (CFML) properties
The properties for the fortify-sca.properties file in the following table apply to the translation of CFML code.
| Property name | Description |
|---|---|
|
|
If set to true, OpenText SAST treats undefined variables in CFML pages as tainted. This serves as a hint to the Dataflow Analyzer to watch out for register-globals-style vulnerabilities. However, enabling this property interferes with dataflow findings where a variable in an included page is initialized to a tainted value in an earlier-occurring included page. Value type: Boolean Default: |
|
|
If set to true, make CFML files case-insensitive for applications developed using a case-insensitive file system and scanned on case-sensitive file systems. Value type: Boolean Default: (not enabled) |
|
|
Specifies the base directory for ColdFusion projects. Value type: String (path) Default: (none) Command-line option: |