FAQ

Can ColdFusion Integrate with React or Vue?

by Aaron Longnion
8 min read
Contents show

Definition

Yes. ColdFusion can integrate seamlessly with React or Vue. In simple terms, ColdFusion (CFML engines like Adobe ColdFusion or Lucee) run on the server to provide data via REST/JSON APIs, while React or Vue run in the browser to build the user interface. You can also serve the built SPA assets (HTML/CSS/JS) from ColdFusion and use CF to handle Authentication, Business logic, and database operations. The result is a modern, responsive front end powered by a reliable enterprise-grade back end.

How It Works

Core Integration Pattern

  • ColdFusion exposes data and actions via RESTful endpoints that return JSON.
  • React or Vue apps consume those endpoints using fetch or Axios.
  • A build tool like Vite or Webpack bundles your SPA for production.
  • The static assets are served by ColdFusion’s web server (or a Reverse proxy), while API calls hit CF controllers/components.

Three Typical Architectures

1) CF Serves SPA + API (Single Origin)

  • ColdFusion serves index.html and compiled assets (dist/).
  • API paths are under /rest or /api, implemented in CFML.
  • Pros: No CORS needed; simpler Deployment.
  • Cons: Tighter coupling between front end and back end release cycles.

2) CF as Headless API (Cross-Origin)

  • React/Vue is hosted separately (e.g., Netlify, Vercel, S3/CloudFront).
  • SPA calls ColdFusion API over HTTPS from a different domain.
  • Pros: Independent deployments; scalable front-end hosting.
  • Cons: Requires CORS Configuration and solid auth strategy (JWT or cookies).
See also  Is ColdFusion Hard to Learn for Beginners?

3) SSR or Hybrid

  • Server-side rendering with Node (Next.js/Nuxt) uses CF purely as an API.
  • ColdFusion can also reverse-proxy to a Node renderer.
  • Pros: SEO and Performance on first paint.
  • Cons: More moving parts; DevOps complexity.

Step-by-Step: From ColdFusion API to React/Vue Front End

1) Expose a JSON REST API in ColdFusion

  • Define REST mappings in Application.cfc.
  • Implement REST CFCs that return JSON-friendly data.
  • Handle errors centrally and return consistent responses.

Application.cfc (simplified):

  • this.name = “MyCFApp”;
  • this.restSettings = { cfclocation = “/api” };

Example API CFC (api/Items.cfc):
component rest=”true” restPath=”v1/items” produces=”application/json” {

remote any function list numeric page=1, numeric pageSize=20 httpmethod=”GET” restPath=””
{
var q = queryExecute(
“SELECT id, name, price FROM Items ORDER BY id OFFSET :offset ROWS FETCH NEXT :ps ROWS ONLY”,
{ offset: (page-1)*pageSize, ps: pageSize },
{ datasource: “myDSN” }
);
return { data: q, page: page, pageSize: pageSize };
}

remote any function get required numeric id httpmethod=”GET” restPath=”{id}”
{
var q = queryExecute(
“SELECT id, name, description, price FROM Items WHERE id=:id”,
{ id: id },
{ datasource: “myDSN” }
);
if (q.recordCount == 0) {
cfheader(statuscode=”404″, statustext=”Not Found”);
return { error: “Item not found” };
}
return q[1];
}
}

Tips:

  • Return CF native structures (struct/array/query) and let CF serialize to JSON.
  • Normalize dates to ISO-8601 strings for consistent parsing in the client.

2) Configure CORS if Needed

If the SPA is on a different domain:

  • Use the ColdFusion Administrator CORS settings or add headers:
    • Access-Control-Allow-Origin: https://app.example.com
    • Access-Control-Allow-Credentials: true (if using cookies)
    • Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
    • Access-Control-Allow-Headers: Content-Type, Authorization

3) Choose Authentication

  • Session Cookies: Simple, compatible with CF’s built-in Session management. Set SameSite=Lax/Strict, Secure, HttpOnly.
  • JWT/OAuth2: Use tokens in the Authorization header. Store tokens safely (prefer HTTP-only cookies, or in-memory storage).

ColdFusion has JWT support (or use a library). With JWT, include auth middleware in CF to validate tokens on each request.

4) Consume the API in React

Data fetch example (React):
import { useEffect, useState } from “react”;

function ItemsList() {
const [items, setItems] = useState([]);

useEffect(() => {
fetch(“/rest/v1/items?page=1&pageSize=20”, {
credentials: “include” // if using cookies
})
.then(r => r.json())
.then(json => setItems(json.data || []))
.catch(console.error);
}, []);

return (

    {items.map(i => (
  • {i.name} — ${i.price}

    • ))}

);
}

  • Use react-query or RTK Query for caching, retries, and loading states.

5) Consume the API in Vue

Data fetch example (Vue with Axios):


  • {{ i.name }} — ${{ i.price }}

6) Build and Deploy

  • Build SPA with Vite/Webpack (npm run build).
  • Serve the dist/ folder via ColdFusion’s web root or your web server.
  • Keep API routes under a prefix (/rest or /api) and avoid conflicts with SPA routes.
  • For SPA routing, configure a rewrite rule to serve index.html for non-API paths.
See also  Can ColdFusion Work with Headless CMS?

7) Handle Forms and Uploads

  • Use FormData in the front end and handle with cffile in CF.
  • For JSON POSTs, set Content-Type: application/json and parse the request body with getHttpRequestData().content or use automatic deserialization with rest.

8) Real-Time Features (Optional)

  • ColdFusion has WebSocket support; React/Vue can connect via native WebSocket for Live updates (dashboards, notifications).

Use Cases and Real-World Example

Common Use Cases

  • Modernize legacy CFML apps by replacing views with a React/Vue SPA.
  • Build admin dashboards, customer portals, and reporting UIs with rich interactivity.
  • Create mobile-friendly front ends while keeping CFML Business logic intact.
  • Deliver Headless CMS Features: CF stores content and exposes JSON; React/Vue renders it.

Practical Example: Service Ticket Portal

  • Back end: ColdFusion connects to an existing Oracle database, exposes endpoints:
    • POST /api/v1/login → returns session cookie or JWT.
    • GET /api/v1/tickets?status=open → returns filtered tickets.
    • POST /api/v1/tickets → creates a ticket, sends notifications.
  • Front end: Vue app with Vue Router and Pinia.
    • Login view stores auth state.
    • Tickets view lists, filters, and paginates data from CF endpoints.
    • File attachments handled via multipart FormData; CF writes files to S3 or disk via cffile.
  • Result: Users get a responsive SPA; the company preserves proven CF logic and Security.

Best practices

API Design and Versioning

  • Prefix endpoints with a version (e.g., /api/v1/).
  • Use consistent response envelopes: { data, error, meta }.
  • Document endpoints with OpenAPI/Swagger (ColdBox + cbSwagger is a popular choice).

Security

  • Prefer HTTPS everywhere; set HSTS.
  • Choose either cookie-based sessions with CSRF protection or JWT/OAuth2 with short-lived access tokens and refresh tokens.
  • Validate and sanitize inputs. Use parameterized queries (queryExecute with params).
  • Set CORS tightly; avoid wildcard origins in production.

Performance

  • Use caching (query caching, in-memory caches) for read-heavy endpoints.
  • Return paginated data; avoid giant payloads.
  • Compress responses (GZIP/Brotli) at the web server.
  • Profile Slow queries and add indices.

Project Structure

  • Separate concerns:
    • /api for CFML components (handlers/services/DAOs)
    • /frontend for React/Vue code
    • /dist for built assets
  • Use environment variables (Server settings, .env) for API base URLs and secrets.

Dev Experience

  • Use CommandBox for Lucee/ACF dev servers and task Automation.
  • In development, run Vite dev server with a proxy to ColdFusion APIs to avoid CORS.
  • Add automated tests: CFML unit tests (TestBox) and front-end tests (Vitest/Jest + Playwright).

Observability and Errors

  • Centralize Error handling: cftry/cfcatch at the API layer; return standard error JSON.
  • Log with timestamps and correlation IDs; add request IDs to API responses and logs.
  • Monitor with APM tools and CF Server logs.
See also  Can ColdFusion Run on Linux Servers?

Pros and cons of Using ColdFusion with React/Vue

Pros

Cons

  • Two stacks to maintain (CFML + JS), requiring full-stack discipline.
  • SSR adds complexity if required for SEO-first apps.
  • Must plan CORS, auth, and routing carefully to avoid pitfalls.

Syntax Examples

React fetch with credentials

fetch(“/api/v1/me”, { credentials: “include” })
.then(r => r.json())
.then(console.log);

Axios with token

axios.get(“/api/v1/reports”, {
headers: { Authorization: Bearer ${token} }
});

ColdFusion set CORS headers (simple)


Key Takeaways

  • ColdFusion integrates well with React/Vue by acting as a JSON REST API and optionally serving the SPA assets.
  • Choose an Architecture: single origin, headless API, or SSR/hybrid based on SEO, deployment, and team needs.
  • Pay special attention to authentication, CORS, security, and routing to ensure a smooth Integration.
  • Use modern tooling: Vite/Webpack, CommandBox, and testing frameworks to streamline development and CI/CD.
  • You can modernize legacy CF apps incrementally by migrating views to a SPA while reusing proven CFML services.

FAQ

How do I avoid CORS issues when my React/Vue app is separate from ColdFusion?

Use a proxy in development (Vite devServer proxy) and configure CORS in production with explicit allowed origins, methods, headers, and credentials. Alternatively, deploy the SPA and API under the same domain to avoid CORS.

Should I use JWT or session cookies with ColdFusion?

Both work. Session cookies are simple and leverage CF’s Session management; set SameSite, Secure, and HttpOnly. JWTs are better for stateless APIs or multi-client scenarios; pair short-lived access tokens with refresh tokens and store them securely.

Can ColdFusion handle Server-side rendering for React/Vue?

ColdFusion doesn’t render React/Vue components server-side. For SSR, use Node-based frameworks (Next.js/Nuxt). ColdFusion remains the API (and optionally Reverse proxy) while Node handles rendering.

What is the easiest way to serve a Vue/React build from ColdFusion?

Build with Vite/Webpack to a dist/ directory and place it under the CF web root. Configure your web server to serve static assets and rewrite non-API routes to index.html. Keep API paths under a clear prefix like /api or /rest.

Does Lucee differ from Adobe ColdFusion for this integration?

Both engines work well. Differences include Configuration locations and available built-in features (e.g., JWT functions). Most patterns—REST CFCs, JSON responses, CORS, and session handling—apply to both with minor adjustments.

About the author

Aaron Longnion

Aaron Longnion

Hey there! I'm Aaron Longnion — an Internet technologist, web software engineer, and ColdFusion expert with more than 24 years of experience. Over the years, I've had the privilege of working with some of the most exciting and fast-growing companies out there, including lynda.com, HomeAway, landsofamerica.com (CoStar Group), and Adobe.com.

I'm a full-stack developer at heart, but what really drives me is designing and building internet architectures that are highly scalable, cost-effective, and fault-tolerant — solutions built to handle rapid growth and stay ahead of the curve.

View all posts

You may also like