Pete Freitag Pete Freitag

Validating HTML/XHTML behind a firewall

Updated on November 14, 2023
By Pete Freitag

Someone asked the question on the evolt mailing list about validating XHTML behind a firewall. The most popular way to validate XHTML is using the w3c HTML validator (, however the only options are to enter a url, or to upload a file. That can be cumbersome, so steve clay wrote a handy php script that crawls a url and uploads the file then displays the results. I ported his script to ColdFusion below. It works great in CFMX, but there are issues in CF5 (cfhttp is url encoding the charset). You might also want to wrap a html tags around this code.

Ported To ColdFusion by Pete Freitag
Based on
License: (GPL) 
<form action="#CGI.SCRIPT_NAME#" method="post">
	<label for="location">Validate Local URL:</label>
	<input type="text" name="location" value="http://#CGI.SERVER_NAME#/" />
	<input type="submit" value="Validate" />

<cfif IsDefined("form.location")>
	<cfset tempFile = GetTempFile(GetTempDirectory(), "validatorFile")>
	<cfhttp url="#form.location#" method="get" path="#GetTempDirectory()#"
		file="#GetFileFromPath(tempFile)#" />
	<cfhttp url="" method="post" resolveurl="yes">
		<cfhttpparam type="formfield" name="charset" value="UTF-8">
		<cfhttpparam type="formfield" name="doctype" value="Inline">
		<cfhttpparam type="formfield" name="ss" value="1"> 
		<cfhttpparam type="formfield" name="verbose" value="1">
		<cfhttpparam type="file" file="#tempFile#" name="uploaded_file">
	<cffile action="delete" file="#tempFile#">

Validating HTML/XHTML behind a firewall was first published on July 30, 2003.


The Fixinator Code Security Scanner for ColdFusion & CFML is an easy to use security tool that every CF developer can use. It can also easily integrate into CI for automatic scanning on every commit.

Try Fixinator

The weekly newsletter for the CFML Community