search
githubEdit

Configuration

CBWIRE provides extensive configuration options to customize its behavior for your application needs. You can override the default settings by adding configuration in your ColdBox application's config/ColdBox.bx for BoxLang or config/ColdBox.cfc for CFML.

All CBWIRE configuration is placed within the moduleSettings struct under the cbwire key. Here's a complete example showing all available configuration options with their default values:

// config/ColdBox.bx
class {
    function configure() {
        moduleSettings = {
            "cbwire": {
                // Asset Management
                "autoInjectAssets": true,
                "moduleRootURL": "/modules/cbwire",
                
                // Component Configuration
                "wiresLocation": "wires",
                "trimStringValues": false,
                "throwOnMissingSetterMethod": false,
                
                // Request Handling
                "updateEndpoint": "/cbwire/update",
                "maxUploadSeconds": 300, // 5 minutes
                "uploadsStoragePath": "", // Custom temporary storage path for file uploads
                "storagePath": "", // Custom storage path for component compilation
                
                // UI Features
                "showProgressBar": true,
                "progressBarColor": "#2299dd",
                
                // Security
                "csrfEnabled": true,
                "csrfStorage": "SessionCSRFStorage@cbwire",
                "checksumValidation": true
            }
        };
    }
}

hashtag
Asset Management

hashtag
autoInjectAssets

Controls whether CBWIRE automatically includes its CSS and JavaScript assets in your pages. When enabled, you don't need to manually add wireStyles() in your layout's <head> or wireScripts() before the closing </body> tag.

Default: true

When disabled, you'll need to manually include the assets in your layout:

hashtag
moduleRootURL

Specifies the root URL path for CBWIRE module assets and endpoints. Useful when your application is deployed in a subdirectory or when using custom URL mappings.

Default: /modules/cbwire

circle-info

Setting autoInjectAssets to false is useful when you want more control over when and how CBWIRE assets are loaded, or when implementing custom asset optimization strategies.

hashtag
Component Configuration

hashtag
wiresLocation

Defines the directory where your CBWIRE components are stored, relative to your application root. This affects component auto-discovery and naming conventions.

Default: wires

hashtag
trimStringValues

When enabled, automatically trims whitespace from string values in component data properties during updates. This is particularly useful for form inputs where users might accidentally include leading or trailing spaces.

Default: false

You can also enable this setting on individual components:

circle-exclamation

Changing the wiresLocation after components have been created will require updating your component references and possibly your routing configuration.

hashtag
throwOnMissingSetterMethod

Controls whether CBWIRE throws an exception when trying to set a property that doesn't have a corresponding setter method. When disabled, missing setters are silently ignored.

Default: false

hashtag
Request Handling

hashtag
updateEndpoint

Sets the URI endpoint where CBWIRE processes component updates and actions. You may need to modify this if URL rewriting is disabled or if you're using custom routing.

Default: /cbwire/updates

hashtag
maxUploadSeconds

Specifies the maximum time (in seconds) allowed for file upload operations to complete. This prevents long-running uploads from consuming server resources indefinitely.

Default: 300 (5 minutes)

hashtag
uploadsStoragePath

Configures a custom directory path for temporary file uploads. This is particularly useful in distributed server environments where you need to share temporary files across multiple front-end servers.

Default: getTempDirectory() & "/cbwire" (system temporary directory)

When set, CBWIRE will use this directory instead of the system's temporary directory for uploaded files. This enables scenarios such as:

  • Sharing temporary uploads across clustered servers using a network-mounted directory

  • Using a specific disk volume optimized for temporary file operations

  • Implementing custom cleanup or monitoring policies on temporary file storage

See the File Uploads documentation for details on how uploaded files are stored and managed.

circle-info

Ensure the configured path exists and has appropriate read/write permissions for your application server.

hashtag
storagePath

Configures a custom directory path for single-file component compilation. When CBWIRE compiles single-file components (.bxm files with embedded code), it stores the compiled component classes in this directory.

Default: {module}/models/tmp (CBWIRE module's internal directory)

circle-exclamation

The storagePath must be within a directory accessible to WireBox for component instantiation. Unlike uploadsStoragePath which can use any directory, this path requires proper classpath configuration.

circle-info

When URL rewriting is disabled, remember to include /index.cfm in your updateEndpoint configuration.

hashtag
UI Features

hashtag
showProgressBar

Controls whether a progress bar appears at the top of the page during wire:navigate operations. The progress bar provides visual feedback during page transitions.

Default: true

hashtag
progressBarColor

Customizes the color of the progress bar displayed during wire:navigate operations. Accepts any valid CSS color value.

Default: #2299dd

circle-info

The progress bar only appears when using wire:navigate for page transitions. Standard CBWIRE component updates don't trigger the progress bar.

hashtag
Security Configuration

hashtag
csrfEnabled

Enables Cross-Site Request Forgery (CSRF) protection for CBWIRE requests. When enabled, all component actions require a valid CSRF token. CSRF protection is enabled by default in CBWIRE 5.x.

Default: true

hashtag
csrfStorage

Specifies the storage implementation used to store CSRF tokens. CBWIRE provides two built-in implementations: SessionCSRFStorage@cbwire (default, recommended) for session-based storage, and CacheCSRFStorage@cbwire for cache-based storage in distributed environments.

Default: SessionCSRFStorage@cbwire

See the Security documentation for complete details on CSRF protection, including custom storage implementations.

circle-info

Session-based CSRF storage (default) follows OWASP recommendations and eliminates "Page Expired" errors common with cache-based approaches.

hashtag
checksumValidation

Enables or disables checksum validation for component payloads. This security feature validates the integrity of data sent between the client and server to prevent tampering.

Default: true

circle-info

We recommend always leaving checksum validation enabled for security, but you can disable it as needed for debugging or specific use cases.

circle-info

All configuration options are optional. CBWIRE will use sensible defaults if no custom configuration is provided.

PreviousGetting StartedNextReleases

Last updated

Was this helpful?