Don’t Forget to Scope CFHTTP

I ran into a nasty MXNA 2.0 bug last week. As many of you noticed, we had a case
where one person’s posts were attributed to someone else. I was stumped for about
an hour as I went through lots of lines of code, and long spells of staring into
space and contemplating. Then it hit me that since this has only happened one time
in all the thousands of posts MXNA 2.0 has aggregated, it must be a concurrency

And it was. MXNA 2.0 uses cached instances of parser components, and in one of
those components was a CFHTTP tag that wasn’t scoped, or "VARed". Just
the right sequence of events caused the variable cfhttp.fileContent to be overwritten
with a string from someone else’s feed. It’s a one in a million shot, but it happened
once, and it would have happened again given enough time.

If you’re using CFHTTP in a component, and you’re using CF 7.0, your code should
look like this:

<cfset var foo = 0/>
<cfhttp result="foo".../>

If you’re using CF 6.x, it should look like this:

<cfset var cfhttp.fileContent = 0/>
<cfhttp .../>

Note: I owe Sean Corfield a big thanks for helping me track this down.