diff --git a/Application.cfc b/Application.cfc
index 20ddfe221..66817f2cd 100644
--- a/Application.cfc
+++ b/Application.cfc
@@ -457,13 +457,6 @@
 			<cfset healthcheckReady()>
 		</cfif>
 
-		<!--- block requests to /farcry paths with the exception of webtop --->
-		<cfif left(cgi.script_name, 7) eq "/farcry" AND NOT left(cgi.script_name, len(application.url.webtop)) eq application.url.webtop>
-			<cfset oError = createobject("component","farcry.core.packages.lib.error") />
-			<cfset oError.showErrorPage("404 Page missing",oError.create404Error("Bad request")) />
-			<cfabort />
-		</cfif>
-
 		<!--- If a session switch was requested, do that now --->
 		<cfif structKeyExists(url, "switchsession")>
 			<cfset application.fc.lib.session.switchSession(url.switchsession) />
@@ -489,6 +482,13 @@
 		
 		<!--- Initialize the request as a farcry application --->
 		<cfset farcryRequestInit() />
+
+		<!--- block requests to /farcry paths with the exception of webtop --->
+		<cfif left(cgi.script_name, 8) eq "/farcry/" AND NOT left(cgi.script_name, len(application.url.webtop)) eq application.url.webtop>
+			<cfset oError = createobject("component","farcry.core.packages.lib.error") />
+			<cfset oError.showErrorPage("404 Page missing",oError.create404Error("Bad request")) />
+			<cfabort />
+		</cfif>
 	
 		
 		<!---
diff --git a/packages/cdn/ftp.cfc b/packages/cdn/ftp.cfc
index 4747bba6a..ec8ccc75f 100644
--- a/packages/cdn/ftp.cfc
+++ b/packages/cdn/ftp.cfc
@@ -91,6 +91,10 @@
 		<cfelse>
 			<cfset application.fapi.throw(message="no '{1}' value defined",type="cdnconfigerror",detail=serializeJSON(arguments.config),substituteValues=[ 'urlPathPrefix' ]) />
 		</cfif>
+
+		<cfif not structkeyexists(st,"bDebug")>
+			<cfset st["bDebug"] = false />
+		</cfif>
 		
 		<cfreturn st />
 	</cffunction>
diff --git a/packages/cdn/local.cfc b/packages/cdn/local.cfc
index d15c8f9c5..8f7f394f8 100644
--- a/packages/cdn/local.cfc
+++ b/packages/cdn/local.cfc
@@ -27,6 +27,10 @@
 			<cfset st.urlpath = rereplacenocase(st.urlpath,"^https?:","") />
 		</cfif>
 		
+		<cfif not structkeyexists(st,"bDebug")>
+			<cfset st["bDebug"] = false />
+		</cfif>
+		
 		<cfreturn st />
 	</cffunction>
 	
diff --git a/packages/cdn/s3.cfc b/packages/cdn/s3.cfc
index 1d6d076ce..0c9e834b5 100644
--- a/packages/cdn/s3.cfc
+++ b/packages/cdn/s3.cfc
@@ -16,7 +16,7 @@
 			
 			<cfloop query="qLeftovers">
 				<cffile action="delete" file="#qLeftovers.Directory#/#qLeftovers.name#" />
-				<cflog file="s3" text="Init: removed cached file #qLeftovers.Directory#/#qLeftovers.name#">
+				<cflog file="#application.applicationname#_s3" text="Init: removed cached file #qLeftovers.Directory#/#qLeftovers.name#" type="information">
 			</cfloop>
 		</cfif>
 		
@@ -47,14 +47,27 @@
 		</cfif>
 		
 		<cfif not structkeyexists(st,"domain")>
+			<cfset st.domainType = "s3" />
 			<cfif not structkeyexists(arguments.config,"region") or not len(arguments.config.region) or arguments.config.region eq "us-east-1">
 				<cfset st.domain = "s3.amazonaws.com" />
 			<cfelse>
 				<cfset st.domain = "s3-#st.region#.amazonaws.com" />
 			</cfif>
-			<cfset st.domainType = "s3" />
+			<cfif find(".", st.bucket)>
+				<cfset st.apiEndpoint = st.domain />
+				<cfset st.apiEndpointPrefix = "/#st.bucket#">
+			<cfelse>
+				<cfset st.apiEndpoint = "#st.bucket#.s3.amazonaws.com">
+				<cfset st.apiEndpointPrefix = "">
+			</cfif>
 		<cfelse>
 			<cfset st.domainType = "custom" />
+			<cfif not structkeyexists(arguments.config,"region") or not len(arguments.config.region) or arguments.config.region eq "us-east-1">
+				<cfset st.apiEndpoint = "s3.amazonaws.com" />
+			<cfelse>
+				<cfset st.apiEndpoint = "s3-#st.region#.amazonaws.com" />
+			</cfif>
+			<cfset st.apiEndpointPrefix = "/#st.bucket#">
 		</cfif>
 		
 		<cfif structkeyexists(st,"acl") and not isarray(arguments.config.acl)>
@@ -141,6 +154,10 @@
 			<cfset application.fapi.throw(message="the 'sMaxAge' value must be an integer",type="cdnconfigerror",detail=serializeJSON(sanitiseS3Config(arguments.config))) />
 		</cfif>
 		
+		<cfif not structkeyexists(st,"bDebug")>
+			<cfset st["bDebug"] = false />
+		</cfif>
+		
 		<cfreturn st />
 	</cffunction>
 	
@@ -189,18 +206,21 @@
 		<cfset this.cacheMap[arguments.config.name][arguments.file].touch = now() />
 		<cfset this.cacheMap[arguments.config.name][arguments.file].path = arguments.path />
 		
-		<cflog file="#application.applicationname#_s3" text="Added [#arguments.config.name#] #sanitiseS3URL(arguments.file)# to local cache" />
+		<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="Added [#arguments.config.name#] #sanitiseS3URL(arguments.file)# to local cache" /></cfif>
 		
 		<!--- Remove old files --->
+		<cflock name="s3addCachedFile_#application.applicationname#" type="exclusive" timeout="5">
 		<cfif structcount(this.cacheMap[arguments.config.name]) gte arguments.config.localCacheSize>
 			<cfloop collection="#this.cacheMap[arguments.config.name]#" item="thisfile">
 				<cfif this.cacheMap[arguments.config.name][thisfile].touch lt oldesttouch>
 					<cfset oldest = thisfile />
+					<cfset oldesttouch = this.cacheMap[arguments.config.name][thisfile].touch>
 				</cfif>
 			</cfloop>
 			
 			<cfset removeCachedFile(config=arguments.config,file=oldest) />
 		</cfif>
+		</cflock>
 	</cffunction>
 	
 	<cffunction name="removeCachedFile" returntype="void" access="public" output="false" hint="Removes a file from the local cache">
@@ -220,7 +240,7 @@
 			
 			<cfset structdelete(this.cacheMap[arguments.config.name],arguments.file) />
 			
-			<cflog file="#application.applicationname#_s3" text="Removed [#arguments.config.name#] #sanitiseS3URL(arguments.file)# from local cache" />
+			<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="Removed [#arguments.config.name#] #sanitiseS3URL(arguments.file)# from local cache" /></cfif>
 		</cfif>
 	</cffunction>
 	
@@ -238,10 +258,11 @@
 	</cffunction>
 	
 	<cffunction name="deleteTemporaryFile" returntype="void" access="public" output="false" hint="Removes the specified temporary file">
+		<cfargument name="config" type="struct" required="true" />
 		<cfargument name="file" type="string" required="true" />
 		
 		<cffile action="delete" file="#arguments.file#" />
-		<cflog file="debug" text="deleting #arguments.file# #serializeJSON(appliation.fc.lib.error.getStack(bIgnoreJava=true))#">
+		<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="deleting #arguments.file# #serializeJSON(appliation.fc.lib.error.getStack(bIgnoreJava=true))#"></cfif>
 	</cffunction>
 	
 	
@@ -345,11 +366,7 @@
 		<!--- Query parameters --->
 		<cfif isStruct(arguments.queryParams)>
 			<cfloop list="#listSort(structKeyList(arguments.queryParams), 'textnocase')#" index="key">
-				<cfif key eq "acl" and arguments.queryParams[key] eq "">
-					<cfset result[3] = listAppend(result[3], S3URLEncode(key) & "=" & S3URLEncode(arguments.queryParams[key]), "&") />
-				<cfelse>
-					<cfset result[3] = listAppend(result[3], S3URLEncode(key)) />
-				</cfif>
+				<cfset result[3] = listAppend(result[3], S3URLEncode(key) & "=" & S3URLEncode(arguments.queryParams[key]), "&") />
 			</cfloop>
 		</cfif>
 
@@ -397,7 +414,7 @@
 		<cfset var signingKey = "" />
 		<cfset var signature = "" />
 
-		<cfset arguments.headers["host"] = "#arguments.config.bucket#.s3.amazonaws.com" />
+		<cfset arguments.headers["host"] = "#arguments.config.apiEndpoint#" />
 
 		<cfset canonicalRequest = getCanonicalRequest(argumentCollection=arguments) />
 		<cfset stringToSign = getStringToSign(arguments.timestamp, scope, canonicalRequest) />
@@ -522,7 +539,7 @@
 					config=arguments.config,
 					timestamp=currentDate,
 					method=arguments.method,
-					path=urlpath,
+					path=arguments.config.apiEndpointPrefix & urlPath,
 					queryParams=queryParams
 				) />
 
@@ -530,7 +547,7 @@
 			</cfif>
 			
 			<cfif arguments.config.domainType eq "s3" or arguments.s3Path>
-				<cfset urlpath = "//#arguments.config.bucket#.s3.amazonaws.com" & urlpath />
+				<cfset urlpath = "//#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix#" & urlpath />
 			<cfelse>
 				<cfset urlpath = "//" & arguments.config.domain & urlpath />
 			</cfif>
@@ -589,13 +606,13 @@
 			config=arguments.config,
 			timestamp=timestamp,
 			method="HEAD",
-			path=urlPath,
+			path=arguments.config.apiEndpointPrefix & urlPath,
 			headers=stHeaders,
 			unsignedPayload=true
 		) />
 
 		<!--- REST call --->
-		<cfhttp method="HEAD" url="https://#arguments.config.bucket#.s3.amazonaws.com#urlPath#" charset="utf-8" result="stResponse" timeout="1800">
+		<cfhttp method="HEAD" url="https://#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix##urlPath#" charset="utf-8" result="stResponse" timeout="1800">
 			<!--- Amazon Global Headers --->
 			<cfhttpparam type="header" name="Date" value="#timestamp#" />
 			<cfhttpparam type="header" name="Authorization" value="#signature#" />
@@ -689,11 +706,11 @@
 				<cfset imageWrite(arguments.data,tmpfile,arguments.quality,true) />
 			</cfcase>
 		</cfswitch>
-		<cflog file="#application.applicationname#_s3" text="Wrote [#arguments.config.name#] #sanitiseS3URL(arguments.file)# to temporary file #tmpfile#" />
+		<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="Wrote [#arguments.config.name#] #sanitiseS3URL(arguments.file)# to temporary file #tmpfile#" /></cfif>
 		
 		<!--- Move file to S3 --->
 		<cfset ioMoveFile(source_localpath=tmpfile,dest_config=arguments.config,dest_file=arguments.file) />
-		<cflog file="#application.applicationname#_s3" text="Wrote [#arguments.config.name#] #sanitiseS3URL(arguments.file)# to S3" />
+		<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="Wrote [#arguments.config.name#] #sanitiseS3URL(arguments.file)# to S3" /></cfif>
 	</cffunction>
 	
 	<cffunction name="ioReadFile" returntype="any" access="public" output="false" hint="Reads from the specified file">
@@ -723,7 +740,7 @@
 					</cfcase>
 				</cfswitch>
 				
-				<cflog file="#application.applicationname#_s3" text="Read [#arguments.config.name#] #sanitiseS3URL(arguments.file)# from local cache" />
+				<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="Read [#arguments.config.name#] #sanitiseS3URL(arguments.file)# from local cache" /></cfif>
 				
 			<cfelse>
 
@@ -750,15 +767,15 @@
 					<cfset addCachedFile(config=arguments.config,file=arguments.file,path=tmpfile) />
 				<cfelse>
 					<!--- Delete temporary file --->
-					<cfset deleteTemporaryFile(tmpfile) />
+					<cfset deleteTemporaryFile(arguments.config, tmpfile) />
 				</cfif>
 				
-				<cflog file="#application.applicationname#_s3" text="Read [#arguments.config.name#] #sanitiseS3URL(arguments.file)# from S3" />
+				<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="Read [#arguments.config.name#] #sanitiseS3URL(arguments.file)# from S3" /></cfif>
 				
 			</cfif>
 
 			<cfcatch>
-				<cflog file="#application.applicationname#_s3" text="Error reading [#arguments.config.name#] #sanitiseS3URL(arguments.file)#: #cfcatch.message#" />
+				<cflog file="#application.applicationname#_s3" text="Error reading [#arguments.config.name#] #sanitiseS3URL(arguments.file)#: #cfcatch.message# #cfcatch.detail#" type="error" />
 				<cfrethrow>
 			</cfcatch>
 		</cftry>
@@ -780,7 +797,18 @@
 		<cfset var tmpfile = "" />
 		<cfset var stAttrs = structnew() />
 		<cfset var cachePath = "" />
-		
+		<cfif IsNull(arguments.source_config)>
+			<cfset var sDebug = false>
+		<cfelse>
+			<cfset var sDebug = arguments.source_config.bDebug>
+		</cfif>
+		<cfif IsNull(arguments.dest_config)>
+			<cfset var dDebug = false>
+		<cfelse>
+			<cfset var dDebug = arguments.dest_config.bDebug>
+		</cfif>		
+		<cfset var bDebug = sDebug OR dDebug>
+
 		<cfif structkeyexists(arguments,"source_config") and structkeyexists(arguments,"dest_config")>
 			
 			<!--- Inter-bucket move --->
@@ -792,7 +820,7 @@
 			<cfset ioMoveFile(source_config=arguments.source_config,source_file=arguments.source_file,dest_localpath=tmpfile) />
 			<cfset ioMoveFile(source_localpath=tmpfile,dest_config=arguments.dest_config,dest_file=arguments.dest_file) />
 			
-			<cflog file="#application.applicationname#_s3" text="Moved [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" />
+			<cfif bDebug><cflog file="#application.applicationname#_s3" text="Moved [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" /></cfif>
 			
 		<cfelseif structkeyexists(arguments,"source_config")>
 			
@@ -804,7 +832,7 @@
 				
 				<cfset ioDeleteFile(config=arguments.source_config,file=arguments.source_file) />
 				
-				<cflog file="#application.applicationname#_s3" text="Moved [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from cache to #sanitiseS3URL(arguments.dest_localpath)#" />
+				<cfif bDebug><cflog file="#application.applicationname#_s3" text="Moved [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from cache to #sanitiseS3URL(arguments.dest_localpath)#" /></cfif>
 				
 			<cfelse>
 			
@@ -819,7 +847,7 @@
 				<cffile action="copy" source="#sourcefile#" destination="#destfile#" mode="664" nameconflict="overwrite" />
 				<cffile action="delete" file="#sourcefile#" />
 				
-				<cflog file="#application.applicationname#_s3" text="Moved [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from S3 to #sanitiseS3URL(destfile)#" />	
+				<cfif bDebug><cflog file="#application.applicationname#_s3" text="Moved [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from S3 to #sanitiseS3URL(destfile)#" /></cfif>
 				
 			</cfif>
 			
@@ -830,7 +858,7 @@
 				<cfset updateACL(config=arguments.dest_config,file=dest_file) />
 				
 				<cfcatch>
-					<cflog file="#application.applicationname#_s3" text="Error moving #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#: #cfcatch.message#" />
+					<cflog file="#application.applicationname#_s3" text="Error moving #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#: #cfcatch.message#" type="error" />
 					<cfrethrow>
 				</cfcatch>
 			</cftry>
@@ -845,7 +873,7 @@
 				<cffile action="delete" file="#arguments.source_localpath#" />
 			</cfif>
 			
-			<cflog file="#application.applicationname#_s3" text="Moved #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" />
+			<cfif bDebug><cflog file="#application.applicationname#_s3" text="Moved #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" /></cfif>
 			
 		</cfif>
 		
@@ -865,7 +893,19 @@
 		<cfset var tmpfile = "" />
 		<cfset var stAttrs = structnew() />
 		<cfset var cachePath = "" />
-		
+
+		<cfif IsNull(arguments.source_config)>
+			<cfset var sDebug = false>
+		<cfelse>
+			<cfset var sDebug = arguments.source_config.bDebug>
+		</cfif>
+		<cfif IsNull(arguments.dest_config)>
+			<cfset var dDebug = false>
+		<cfelse>
+			<cfset var dDebug = arguments.dest_config.bDebug>
+		</cfif>		
+		<cfset var bDebug = sDebug OR dDebug>
+
 		<cfif structkeyexists(arguments,"source_config") and structkeyexists(arguments,"dest_config")>
 		
 			<!--- Inter-bucket copy --->
@@ -877,7 +917,7 @@
 			<cfset ioCopyFile(source_config=arguments.source_config,source_file=arguments.source_file,dest_localpath=tmpfile) />
 			<cfset ioMoveFile(source_localpath=tmpfile,dest_config=arguments.dest_config,dest_file=arguments.dest_file) />
 			
-			<cflog file="#application.applicationname#_s3" text="Copied [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" />
+			<cfif bDebug><cflog file="#application.applicationname#_s3" text="Copied [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" /></cfif>
 			
 		<cfelseif structkeyexists(arguments,"source_config")>
 			
@@ -887,7 +927,7 @@
 				
 				<cffile action="copy" source="#cachePath#" destination="#arguments.dest_localpath#" mode="664" nameconflict="overwrite" />
 				
-				<cflog file="#application.applicationname#_s3" text="Copied [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from cache to #sanitiseS3URL(arguments.dest_localpath)#" />
+				<cfif bDebug><cflog file="#application.applicationname#_s3" text="Copied [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from cache to #sanitiseS3URL(arguments.dest_localpath)#" /></cfif>
 				
 			<cfelse>
 			
@@ -907,7 +947,7 @@
 					<cfset addCachedFile(config=arguments.source_config,file=arguments.source_file,path=tmpfile) />
 				</cfif>
 				
-				<cflog file="#application.applicationname#_s3" text="Copied [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from S3 to #sanitiseS3URL(destfile)#" />
+				<cfif bDebug><cflog file="#application.applicationname#_s3" text="Copied [#arguments.source_config.name#] #sanitiseS3URL(arguments.source_file)# from S3 to #sanitiseS3URL(destfile)#" /></cfif>
 				
 			</cfif>
 			
@@ -921,7 +961,7 @@
 				<cfset updateACL(config=arguments.dest_config,file=dest_file) />
 				
 				<cfcatch>
-					<cflog file="#application.applicationname#_s3" text="Error copying #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.source_file)#: #cfcatch.message#" />
+					<cflog file="#application.applicationname#_s3" text="Error copying #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.source_file)#: #cfcatch.message#" type="error" />
 					<cfrethrow>
 				</cfcatch>
 			</cftry>
@@ -932,7 +972,7 @@
 				<cfset addCachedFile(config=arguments.dest_config,file=arguments.dest_file,path=tmpfile) />
 			</cfif>
 			
-			<cflog file="#application.applicationname#_s3" text="Copied #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" />
+			<cfif bDebug><cflog file="#application.applicationname#_s3" text="Copied #sanitiseS3URL(arguments.source_localpath)# to [#arguments.dest_config.name#] #sanitiseS3URL(arguments.dest_file)#" /></cfif>
 			
 		</cfif>
 	</cffunction>
@@ -947,7 +987,7 @@
 			<cfset removeCachedFile(config=arguments.config,file=arguments.file) />
 		</cfif>
 		
-		<cflog file="#application.applicationname#_s3" text="Deleted [#arguments.config.name#] #sanitiseS3URL(arguments.file)#" />
+		<cfif arguments.config.bDebug><cflog file="#application.applicationname#_s3" text="Deleted [#arguments.config.name#] #sanitiseS3URL(arguments.file)#" /></cfif>
 	</cffunction>
 	
 	<cffunction name="ioDirectoryExists" returntype="boolean" access="public" output="false" hint="Checks that a specified path exists">
@@ -981,13 +1021,13 @@
 		<cfargument name="listinfo" type="string" required="false" default="name" hint="name or all" />
 		
 		<cfset var qDir = "" />
-		<cfset var s3path = "s3://#arguments.config.accessKeyId#:#arguments.config.awsSecretKey#@#arguments.config.bucket##lcase(arguments.config.pathPrefix)##lcase(arguments.dir)#" />
+		<cfset var s3path = getS3Path(config=arguments.config,file=arguments.dir) />
 		
 		<cfif not directoryExists(s3Path)>
 			<cfreturn querynew("file") />
 		</cfif>
 
-		<cfdirectory action="list" directory="#s3path#" recurse="true" listinfo="#arguments.listinfo#" name="qDir" sort="name" />
+		<cfdirectory action="list" directory="#s3path#" recurse="true" type="file" listinfo="#arguments.listinfo#" name="qDir" sort="name" />
 		
 		<cfif arguments.listinfo EQ "name">
 			<cfset QueryAddColumn( qDir, "file", [])>
@@ -1068,13 +1108,13 @@
 			config=arguments.config,
 			timestamp=timestamp,
 			method="PUT",
-			path=path,
+			path=arguments.config.apiEndpointPrefix & path,
 			headers=stHeaders,
 			unsignedPayload=true
 		) />
 
 		<!--- REST call --->
-		<cfhttp method="PUT" url="https://#arguments.config.bucket#.s3.amazonaws.com#path#" charset="utf-8" result="cfhttp" timeout="1800">
+		<cfhttp method="PUT" url="https://#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix##path#" charset="utf-8" result="cfhttp" timeout="1800">
 			<!--- Amazon Global Headers --->
 			<cfhttpparam type="header" name="Date" value="#timestamp#" />
 			<cfhttpparam type="header" name="Authorization" value="#signature#" />
@@ -1106,7 +1146,7 @@
 		<cfelseif NOT listFindNoCase("200,204",listfirst(cfhttp.statuscode," "))>
 			<cfset substituteValues = arrayNew(1)>
 			<cfset substituteValues[1] = cfhttp.statuscode>
-			<cfset substituteValues[2] = "https://#arguments.config.bucket#.s3.amazonaws.com#path#">
+			<cfset substituteValues[2] = "https://#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix##path#">
 			<cfset application.fapi.throw(message="Error accessing S3 API: {1} {2}",type="s3error",detail=cfhttp.filecontent,substituteValues=substituteValues) />
 		</cfif>
 	</cffunction>
@@ -1162,7 +1202,7 @@
 			config=arguments.config,
 			timestamp=timestamp,
 			method="PUT",
-			path=path,
+			path=arguments.config.apiEndpointPrefix & path,
 			queryParams={
 				"acl"=""
 			},
@@ -1171,7 +1211,7 @@
 		) />
 
 		<!--- REST call --->
-		<cfhttp method="PUT" url="https://#arguments.config.bucket#.s3.amazonaws.com#path#?acl" charset="utf-8" result="cfhttp" timeout="1800">
+		<cfhttp method="PUT" url="https://#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix##path#?acl" charset="utf-8" result="cfhttp" timeout="1800">
 			<!--- Amazon Global Headers --->
 			<cfhttpparam type="header" name="Date" value="#timestamp#" />
 			<cfhttpparam type="header" name="Authorization" value="#signature#" />
@@ -1200,7 +1240,7 @@
 		<cfelseif NOT listFindNoCase("200,204",listfirst(cfhttp.statuscode," "))>
 			<cfset substituteValues = arrayNew(1)>
 			<cfset substituteValues[1] = cfhttp.statuscode>
-			<cfset substituteValues[2] = "https://#arguments.config.bucket#.s3.amazonaws.com#path#">
+			<cfset substituteValues[2] = "https://#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix##path#">
 			<cfset application.fapi.throw(message="Error accessing S3 API: {1} {2}",type="s3error",detail=cfhttp.filecontent,substituteValues=substituteValues) />
 		</cfif>
 	</cffunction>
@@ -1233,13 +1273,13 @@
 			config=arguments.config,
 			timestamp=timestamp,
 			method="DELETE",
-			path=path,
+			path=arguments.config.apiEndpointPrefix & path,
 			headers=stHeaders,
 			unsignedPayload=true
 		) />
 
 		<!--- REST call --->
-		<cfhttp method="DELETE" url="https://#arguments.config.bucket#.s3.amazonaws.com#path#" result="cfhttp" timeout="1800">
+		<cfhttp method="DELETE" url="https://#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix##path#" result="cfhttp" timeout="1800">
 			<!--- Amazon Global Headers --->
 			<cfhttpparam type="header" name="Date" value="#timestamp#" />
 			<cfhttpparam type="header" name="Authorization" value="#signature#" />
@@ -1268,7 +1308,7 @@
 		<cfelseif NOT listFindNoCase("200,204",listfirst(cfhttp.statuscode," "))>
 			<cfset substituteValues = arrayNew(1)>
 			<cfset substituteValues[1] = cfhttp.statuscode>
-			<cfset substituteValues[2] = "https://#arguments.config.bucket#.s3.amazonaws.com#path#">
+			<cfset substituteValues[2] = "https://#arguments.config.apiEndpoint##arguments.config.apiEndpointPrefix##path#">
 			<cfset application.fapi.throw(message="Error accessing S3 API: {1} {2}",type="s3error",detail=cfhttp.filecontent,substituteValues=substituteValues) />
 		</cfif>
 	</cffunction>
@@ -1306,3 +1346,4 @@
 	</cffunction>
 
 </cfcomponent>
+
diff --git a/packages/forms/farPagination.cfc b/packages/forms/farPagination.cfc
index e8b9ea7b2..546248c4d 100644
--- a/packages/forms/farPagination.cfc
+++ b/packages/forms/farPagination.cfc
@@ -160,7 +160,7 @@
 			</cfif>
 
 		<cfelse>
-			<skin:buildLink id="#arguments.id#" href="#stLink.href#" onclick="#stLink.onclick#;" class="#stLink.class# #arguments.class#" style="#arguments.style#" title="#arguments.title#" linktext="#arguments.linktext#" />
+			<skin:buildLink id="#arguments.id#" href="#stLink.href#" onclick="#stLink.onclick#;" class="#stLink.class# #arguments.class#" style="#arguments.style#" title="#arguments.title#"><cfoutput>#arguments.linktext#</cfoutput></skin:buildLink>
 		</cfif>	
 
 	</cfif>
diff --git a/packages/lib/cdn.cfc b/packages/lib/cdn.cfc
index 6b679d1a5..fa209c5a3 100644
--- a/packages/lib/cdn.cfc
+++ b/packages/lib/cdn.cfc
@@ -657,7 +657,8 @@
 				<cfset application.fapi.throw(message="New file must have the same extension. Current extension is {1} and new extension is {2}.",type="uploaderror",substituteValues=[ listlast(arguments.destination,"."), listlast(cffile.serverFile,".") ]) />
 			</cfif>
 		<cfelse>
-			<cfset filename = normalizePath(arguments.destination & "/" & sanitizeFilename(cffile.ServerFile)) />
+			<!--- original filename in temp folder must stay as is. filename will be sanitised when it is moved to a CDN location --->
+			<cfset filename = normalizePath(arguments.destination) & "/" & cffile.ServerFile />
 		</cfif>
 
 		<!--- move the file if the destination location is different to the current temp location, or if the destination filename is different to the current temp filename --->
diff --git a/packages/lib/diff.cfc b/packages/lib/diff.cfc
index c158d7a54..f85da6682 100644
--- a/packages/lib/diff.cfc
+++ b/packages/lib/diff.cfc
@@ -93,17 +93,17 @@
 		<cfloop from="1" to="#arraylen(arguments.aDiff)#" index="i">
 			<cfif arguments.aDiff[i].diff neq leftStatus>
 				<cfif arguments.aDiff[i].diff eq "-"><!--- Moving into deleted text --->
-					<cfset stResult.leftHighlighted = stResult.leftHighlighted & "<span style='color:##CC2504;font-weight:bold;'>" />
+					<cfset stResult.leftHighlighted = stResult.leftHighlighted & "___DIFF_HIGHLIGHT_REMOVE___" />
 				<cfelseif leftStatus eq "-"><!--- Moving out of deleted text --->
-					<cfset stResult.leftHighlighted = stResult.leftHighlighted & "</span>" />
+					<cfset stResult.leftHighlighted = stResult.leftHighlighted & "___DIFF_HIGHLIGHT_END___" />
 				</cfif>
 				<cfset leftStatus = arguments.aDiff[i].diff />
 			</cfif>
 			<cfif arguments.aDiff[i].diff neq rightStatus>
 				<cfif arguments.aDiff[i].diff eq "+"><!--- Moving into added text --->
-					<cfset stResult.rightHighlighted = stResult.rightHighlighted & "<span style='color:##00BF0D;font-weight:bold;'>" />
+					<cfset stResult.rightHighlighted = stResult.rightHighlighted & "___DIFF_HIGHLIGHT_ADD___" />
 				<cfelseif rightStatus eq "+"><!--- Moving out of added text --->
-					<cfset stResult.rightHighlighted = stResult.rightHighlighted & "</span>" />
+					<cfset stResult.rightHighlighted = stResult.rightHighlighted & "___DIFF_HIGHLIGHT_END___" />
 				</cfif>
 				<cfset rightStatus = arguments.aDiff[i].diff />
 			</cfif>
@@ -116,11 +116,14 @@
 		</cfloop>
 		
 		<cfif leftStatus eq "-"><!--- Moving out of deleted text --->
-			<cfset stResult.leftHighlighted = stResult.leftHighlighted & "</span>" />
+			<cfset stResult.leftHighlighted = stResult.leftHighlighted & "___DIFF_HIGHLIGHT_END___" />
 		</cfif>
 		<cfif rightStatus eq "+"><!--- Moving out of added text --->
-			<cfset stResult.rightHighlighted = stResult.rightHighlighted & "</span>" />
+			<cfset stResult.rightHighlighted = stResult.rightHighlighted & "___DIFF_HIGHLIGHT_END___" />
 		</cfif>
+
+		<cfset stResult.leftHighlighted = replaceList(application.fc.lib.esapi.encodeForHTML(stResult.leftHighlighted), "___DIFF_HIGHLIGHT_REMOVE___,___DIFF_HIGHLIGHT_END___", "<span style='color:##CC2504;font-weight:bold;'>,</span>")>
+		<cfset stResult.rightHighlighted = replaceList(application.fc.lib.esapi.encodeForHTML(stResult.rightHighlighted), "___DIFF_HIGHLIGHT_ADD___,___DIFF_HIGHLIGHT_END___", "<span style='color:##00BF0D;font-weight:bold;'>,</span>")>
 		
 		<cfreturn stResult />
 	</cffunction>
diff --git a/packages/lib/objectBroker.cfc b/packages/lib/objectBroker.cfc
index f7af90cc5..3db146ff7 100644
--- a/packages/lib/objectBroker.cfc
+++ b/packages/lib/objectBroker.cfc
@@ -859,7 +859,7 @@
 		<cfset var objectid = listgetat(arguments.key,3,"_") />
 		<cfset var oldobject = "" />
 		<cfset var i = "" />
-		<cfset var stCacheEntry = { value=arguments.data, key=arguments.key } />
+		<cfset var stCacheEntry = { value=duplicate(arguments.data), key=arguments.key } />
 
 		<cfset arguments.key = listDeleteAt(listDeleteAt(arguments.key,1,"_"),1,"_") />
 		
diff --git a/packages/security/security.cfc b/packages/security/security.cfc
index 275fb2597..f2c1b1555 100644
--- a/packages/security/security.cfc
+++ b/packages/security/security.cfc
@@ -401,8 +401,6 @@
 		<cfset var i = 0 />
 		<cfset var oProfile = createObject("component", application.stcoapi["dmProfile"].packagePath) />
 		<cfset var stDefaultProfile = structnew() />
-		
-		<cfset sessionRotate()>
 
 		<!--- Get user groups and convert them to Farcry roles --->
 		<cfset aUserGroups = this.userdirectories[arguments.ud].getUserGroups(arguments.userid) />
@@ -469,7 +467,9 @@
 			<!--- DEPRECATED --->
 			<cfset session.firstLogin = false />
 		</cfif>
-		
+
+		<cfset sessionRotate()>
+
 		<!--- Log the result --->
 		<cfif structKeyExists(session, "impersonator")>
 			<farcry:logevent type="security" event="impersonatedby" userid="#session.security.userid#" notes="#session.impersonator#" />
diff --git a/packages/types/dmCron.cfc b/packages/types/dmCron.cfc
index 80c76c736..1d62aa911 100644
--- a/packages/types/dmCron.cfc
+++ b/packages/types/dmCron.cfc
@@ -181,7 +181,7 @@ type properties
 	<cfset stAttributes.action = "list">
 	<cfif isDefined("application.sysinfo.engine.engine") and application.sysinfo.engine.engine eq "coldfusion">
 		<cfset stAttributes.result = "qJobs">
-	<cfelseif isDefined("application.sysinfo.engine.engine") and application.sysinfo.engine.engine eq "lucee">
+	<cfelseif isDefined("application.sysinfo.engine.engine") and application.sysinfo.engine.engine eq "lucee" and application.sysinfo.engine.productversion gte 5>
 		<cfset stAttributes.result = "qJobs">
 	<cfelse>
 		<cfset stAttributes.returnvariable = "qJobs">
diff --git a/packages/types/types.cfc b/packages/types/types.cfc
index fc90c8678..b7262f5f3 100644
--- a/packages/types/types.cfc
+++ b/packages/types/types.cfc
@@ -980,7 +980,7 @@ default handlers
 						<cfelse>
 							<i class="fa fa-file-o"></i>
 						</cfif>
-						#stobj.label#
+						#application.fc.lib.esapi.encodeForHTML(stobj.label)#
 					</h1>
 				</cfoutput>
 				
@@ -1070,7 +1070,7 @@ default handlers
 						<cfelse>
 							<i class="fa fa-file-o"></i>
 						</cfif>
-						#stobj.label#
+						#application.fc.lib.esapi.encodeForHTML(stobj.label)#
 					</h1>
 				</cfoutput>
 				
diff --git a/patch.version b/patch.version
index 9a037142a..9d607966b 100755
--- a/patch.version
+++ b/patch.version
@@ -1 +1 @@
-10
\ No newline at end of file
+11
\ No newline at end of file
diff --git a/tags/webskin/buildLink.cfm b/tags/webskin/buildLink.cfm
index b91c478c0..a570bf55f 100644
--- a/tags/webskin/buildLink.cfm
+++ b/tags/webskin/buildLink.cfm
@@ -52,7 +52,7 @@
 	<cfset href = application.fapi.getLink(argumentCollection="#attributes#") />
 
 	<cfif attributes.bModal>
-		<cfset attributes.onClick = listAppend( attributes.onClick , "$fc.openBootstrapModal({title: '#attributes.title#', url: '#href#'});return false;" , ";" )>
+		<cfset attributes.onClick = listAppend( attributes.onClick , "$fc.openBootstrapModal({title: '#application.fc.lib.esapi.encodeForJavaScript(application.fc.lib.esapi.encodeForHTML(attributes.title))#', url: '#href#'});return false;" , ";" )>
 		<cfset href = "##" />
 	</cfif>
 
@@ -80,7 +80,7 @@
 			<cfset tagoutput=tagoutput & ' style="#attributes.style#"'>
 		</cfif>
 		<cfif len(attributes.title)>
-			<cfset tagoutput=tagoutput & ' title="#attributes.title#"'>
+			<cfset tagoutput=tagoutput & ' title="#application.fc.lib.esapi.encodeForHTMLAttribute(attributes.title)#"'>
 		</cfif>
 		<cfif len(attributes.xCode)>
 			<cfset tagoutput=tagoutput & ' #attributes.xCode#'>
@@ -89,7 +89,7 @@
 			<cfset tagoutput=tagoutput & ' target="#attributes.target#"'>
 		</cfif>
 		<cfif len(attributes.onclick)>
-			<cfset tagoutput=tagoutput & ' onclick="#attributes.onclick#"'>
+			<cfset tagoutput=tagoutput & ' onclick="#application.fc.lib.esapi.encodeForHTMLAttribute(attributes.onclick)#"'>
 		</cfif>
 		<cfset tagoutput=tagoutput & '>'>
 	</cfif>
@@ -104,7 +104,7 @@
 			
 			<!--- USE THE LINKTEXT AS GENERATED CONTENT IF AVAILABLE --->
 			<cfif len(attributes.linktext)>
-				<cfset thistag.GeneratedContent = attributes.linktext />
+				<cfset thistag.GeneratedContent = application.fc.lib.esapi.encodeForHTML(attributes.linktext) />
 			</cfif>
 			
 			<!--- TRANSLATE THE TEXT --->
diff --git a/tags/wizard/wizard.cfm b/tags/wizard/wizard.cfm
index fb77508ef..6318868d8 100644
--- a/tags/wizard/wizard.cfm
+++ b/tags/wizard/wizard.cfm
@@ -242,11 +242,11 @@
 					<i class="fa #attributes.icon#"></i>
 				</cfif>
 				<cfif len(attributes.title)>
-					#attributes.title#
+					#application.fc.lib.esapi.encodeForHTML(attributes.title)#
 				<cfelse>
 										
 					<cfif structKeyExists(stWizard.data, stWizard.primaryObjectID) and structKeyExists(stWizard.data[stWizard.primaryObjectID], "label")>
-						#stWizard.data['#stWizard.primaryObjectID#'].label#
+						#application.fc.lib.esapi.encodeForHTML(stWizard.data['#stWizard.primaryObjectID#'].label)#
 					<cfelse>
 						#ListGetAt(stwizard.Steps,stwizard.CurrentStep)#
 					</cfif>
diff --git a/webskin/dmInclude/webtopOverviewSummary.cfm b/webskin/dmInclude/webtopOverviewSummary.cfm
index 536500d86..5212df8fa 100644
--- a/webskin/dmInclude/webtopOverviewSummary.cfm
+++ b/webskin/dmInclude/webtopOverviewSummary.cfm
@@ -52,9 +52,9 @@ START WEBSKIN
 					<skin:buildLink href="#application.url.webtop#/edittabOverview.cfm" urlParameters="typename=dmNavigation&objectID=#qAncestors.objectid#" linktext="#qAncestors.objectName#" />
 					<cfoutput>&nbsp;&raquo;&nbsp;</cfoutput>
 				</cfloop>
-				<cfoutput>#stobj.label#</cfoutput>
+				<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.label)#</cfoutput>
 			<cfelse>
-				<cfoutput>#stobj.label#</cfoutput>
+				<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.label)#</cfoutput>
 			</cfif>
 		</cfif>
 			
diff --git a/webskin/dmNavigation/edit.cfm b/webskin/dmNavigation/edit.cfm
index 381c0389c..1bc7aa802 100644
--- a/webskin/dmNavigation/edit.cfm
+++ b/webskin/dmNavigation/edit.cfm
@@ -85,7 +85,7 @@
 		<cfelse>
 			<i class="fa fa-file-o"></i>
 		</cfif> 
-		#stobj.label#
+		#application.fc.lib.esapi.encodeForHTML(stobj.label)#
 	</h1>
 </cfoutput>
 
diff --git a/webskin/dmNavigation/webtopOverviewSummary.cfm b/webskin/dmNavigation/webtopOverviewSummary.cfm
index 12d21a35a..df776ec03 100644
--- a/webskin/dmNavigation/webtopOverviewSummary.cfm
+++ b/webskin/dmNavigation/webtopOverviewSummary.cfm
@@ -58,9 +58,9 @@
 					<skin:buildLink href="#application.url.webtop#/edittabOverview.cfm" urlParameters="typename=dmNavigation&objectID=#qAncestors.objectid#" linktext="#qAncestors.objectName#" />
 					<cfoutput>&nbsp;&raquo;&nbsp;</cfoutput>
 				</cfloop>
-				<cfoutput>#stobj.label#</cfoutput>
+				<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.label)#</cfoutput>
 			<cfelse>
-				<cfoutput>#stobj.label#</cfoutput>
+				<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.label)#</cfoutput>
 			</cfif>
 		</cfif>
 		
@@ -90,7 +90,8 @@
 								<cfelse>
 									<i class="fa fa-file-o fa-fw"></i>
 								</cfif>
-								<skin:view typename="#contentTypename#" objectid="#stobj.externalLink#" webskin="displayLabel" />
+								<skin:view typename="#contentTypename#" objectid="#stobj.externalLink#" webskin="displayLabel" r_html="labelHTML" />
+								#application.fc.lib.esapi.encodeForHTML(trim(labelHTML))#
 							</cfif>
 						</td>	
 					</tr>	
@@ -123,7 +124,8 @@
 								<cfelse>
 									<i class="fa fa-file-o fa-fw"></i>
 								</cfif>
-								<skin:view typename="#contentTypename#" objectid="#stobj.aObjectIDs[i]#" webskin="displayLabel" />
+								<skin:view typename="#contentTypename#" objectid="#stobj.aObjectIDs[i]#" webskin="displayLabel" r_html="labelHTML" />
+								#application.fc.lib.esapi.encodeForHTML(trim(labelHTML))#
 							</td>	
 						</tr>
 							
@@ -180,7 +182,8 @@
 								<cfelse>
 									<i class="fa fa-file-o fa-fw"></i>
 								</cfif>
-								<skin:view typename="#contentTypename#" objectid="#stobj.internalRedirectID#" webskin="displayLabel" />
+								<skin:view typename="#contentTypename#" objectid="#stobj.internalRedirectID#" webskin="displayLabel" r_html="labelHTML" />
+								#application.fc.lib.esapi.encodeForHTML(trim(labelHTML))#
 							</cfif>
 						</td>	
 					</tr>	
@@ -191,7 +194,7 @@
 	<cfelseif stObj.navType eq "externalRedirectURL">
 		
 		<ft:field label="External Redirect" bMultiField="true" hint="This navigation item redirects to a page on another website.">
-			<cfoutput><a href="#stObj.externalRedirectURL#" target="_blank">#stObj.externalRedirectURL#</a></cfoutput>
+			<cfoutput><a href="#application.fc.lib.esapi.encodeForHTMLAttribute(stObj.externalRedirectURL)#" target="_blank">#application.fc.lib.esapi.encodeForHTML(stObj.externalRedirectURL)#</a></cfoutput>
 		</ft:field>
 
 	</cfif>
@@ -199,7 +202,7 @@
 	
 	<ft:field label="Alias" hint="The alias is used by the programmers to refer to this navigation item in their code.">
 		<cfif len(stobj.lNavIDAlias)>
-			<cfoutput>#stobj.lNavIDAlias#</cfoutput>
+			<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.lNavIDAlias)#</cfoutput>
 		<cfelse>
 			<cfoutput>-- No Alias Provided --</cfoutput>
 		</cfif>
diff --git a/webskin/dmNavigation/webtopTreeChildRows.cfm b/webskin/dmNavigation/webtopTreeChildRows.cfm
index dffe1fdc2..65f37ac38 100644
--- a/webskin/dmNavigation/webtopTreeChildRows.cfm
+++ b/webskin/dmNavigation/webtopTreeChildRows.cfm
@@ -256,7 +256,7 @@
 		<cfset stFolderRow["nodetype"] = "folder">
 		<cfset stFolderRow["protectednode"] = bProtectedNode>
 		<cfset stFolderRow["parentid"] = qTree.parentid>
-		<cfset stFolderRow["label"] = stNav.label>
+		<cfset stFolderRow["label"] = application.fc.lib.esapi.encodeForHTML(stNav.label)>
 		<cfset stFolderRow["datetimelastupdated"] = "#dateFormat(stNav.datetimelastupdated, "yyyy-mm-dd")# #timeFormat(stNav.datetimelastupdated, "HH:mm:ss")#">
 		<cfset stFolderRow["prettydatetimelastupdated"] = application.fapi.prettyDate(stNav.datetimelastupdated)>
 		<cfset stFolderRow["expandable"] = expandable>
@@ -374,7 +374,7 @@
 			<cfset stLeafRow["nodetype"] = "leaf">
 			<cfset stLeafRow["parentid"] = stNav.objectid>
 			<cfset stLeafRow["versionobjectid"] = stLeafNode.versionObjectid>
-			<cfset stLeafRow["label"] = stLeafNode.label>
+			<cfset stLeafRow["label"] = application.fc.lib.esapi.encodeForHTML(stLeafNode.label)>
 			<cfset stLeafRow["datetimelastupdated"] = "#dateFormat(lastupdated, "yyyy-mm-dd")# #timeFormat(lastupdated, "HH:mm:ss")#">
 			<cfset stLeafRow["prettydatetimelastupdated"] = application.fapi.prettyDate(stLeafNode.datetimelastupdated)>
 			<cfset stLeafRow["expandable"] = 0>
diff --git a/webskin/dmProfile/webtopDashboardRecentActivity.cfm b/webskin/dmProfile/webtopDashboardRecentActivity.cfm
index 2878ab1eb..2b308481a 100644
--- a/webskin/dmProfile/webtopDashboardRecentActivity.cfm
+++ b/webskin/dmProfile/webtopDashboardRecentActivity.cfm
@@ -38,7 +38,7 @@
 				<cfset eventTypename=application.fapi.findType(qActivity.object) />
 				<cfif len(eventTypename) AND eventTypename neq "container">
 					<cfset stObj = application.fapi.getContentObject(qActivity.object) />
-					<cfif stObj.label NEQ "(incomplete)">
+					<cfif structKeyExists(stObj, "label") AND stObj.label NEQ "(incomplete)">
 					<cfset stProfile = oProfile.getProfile(qActivity.userid)>
 					<tr>
 						<td nowrap="true"><i class="fa #application.fapi.getContentTypeMetadata(typename="#stObj.Typename#", md="icon", default="fa-file-text")# fa-lg" title="#application.fapi.getContentTypeMetadata(typename="#stObj.Typename#", md="displayname", default="Unknown")#"></i> #stObj.Typename#</td>
diff --git a/webskin/farConfig/webtopBody.cfm b/webskin/farConfig/webtopBody.cfm
index 427950d0a..b68a59acd 100644
--- a/webskin/farConfig/webtopBody.cfm
+++ b/webskin/farConfig/webtopBody.cfm
@@ -70,7 +70,7 @@ VIEW
 	title="Manage Configuration" 
 	columnList="configkey,datetimelastupdated" 
 	sqlorderby="label asc" 
-	sortableColumns=""
+	sortableColumns="label"
 	aCustomColumns="#aCustomColumns#" 
 	bSelectCol="true" 
 	bShowActionList="false"
diff --git a/webskin/farRole/webtopOverviewSummary.cfm b/webskin/farRole/webtopOverviewSummary.cfm
index 7766d3372..fa8140e0b 100644
--- a/webskin/farRole/webtopOverviewSummary.cfm
+++ b/webskin/farRole/webtopOverviewSummary.cfm
@@ -38,14 +38,14 @@ START WEBSKIN
 <ft:fieldset legend="#application.fapi.getContentTypeMetadata(stobj.typename,'displayname',stobj.typename)# Information">
 	
 	<ft:field label="Title">
-		<cfoutput>#stobj.title#</cfoutput>
+		<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.title)#</cfoutput>
 	</ft:field>	
 	<ft:field label="Groups" bMultiField="true">
 		<cfif arrayLen(stobj.aGroups)>
 			<cfoutput>
 			<ul>
 			<cfloop from="1" to="#arrayLen(stobj.aGroups)#" index="i">
-				<li>#stobj.aGroups[i]#</li>
+				<li>#application.fc.lib.esapi.encodeForHTML(stobj.aGroups[i])#</li>
 			</cfloop>
 			</ul>
 			</cfoutput>
diff --git a/webskin/types/trayContainer.cfm b/webskin/types/trayContainer.cfm
index a2ae8f88b..4171ae872 100644
--- a/webskin/types/trayContainer.cfm
+++ b/webskin/types/trayContainer.cfm
@@ -278,6 +278,9 @@
 			<div class="farcryTrayBodyMenu">
 				<ul>
 					<li><a href="#application.fc.lib.esapi.encodeForHTMLAttribute(application.fapi.fixURL(url='#application.url.webtop#'))#"><span class="ui-icon ui-icon-calculator"></span><admin:resource key='tray.button.webtop@label'>Webtop</admin:resource></a></li>
+					<cfif application.fapi.getContentTypeMetadata(stObj.typename, "bUseInTree", false)>
+						<li><a id="farcryTray-sitetree" href="#application.url.webtop#/index.cfm?id=site&rootobjectid=#request.navid#" target="_blank"><span class="ui-icon ui-icon-zoomin"></span><admin:resource key='tray.button.sitetree@label'>Site Tree</admin:resource></a></li>
+					</cfif>
 					<li><a href="#application.fc.lib.esapi.encodeForHTMLAttribute(application.fapi.fixURL(url='#form.refererURL#', addvalues='logout=1'))#"><span class="ui-icon ui-icon-power"></span><admin:resource key='tray.button.logout@label'>Logout</admin:resource></a></li>
 					<li class="farcryTrayPageSpeed"><a title="<admin:resource key='tray.information.renderingspeed@hint'>Page rendering speed</admin:resource>"><span class="ui-icon ui-icon-clock" style="background-position:-81px -112px;"></span> <admin:resource key='tray.information.renderingspeed@label' var1="#application.fc.lib.esapi.encodeForHTML(url.totalTickCount)#">{1} ms</admin:resource></a></li>
 				</ul>
diff --git a/webskin/types/webtopOverviewSummary.cfm b/webskin/types/webtopOverviewSummary.cfm
index 74d698550..dc3ec0bee 100644
--- a/webskin/types/webtopOverviewSummary.cfm
+++ b/webskin/types/webtopOverviewSummary.cfm
@@ -33,7 +33,7 @@
 	</cfif>
 	
 	<ft:field label="Label" bMultiField="true">
-		<cfoutput>#stobj.label#</cfoutput>
+		<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.label)#</cfoutput>
 	</ft:field>	
 	
 	
@@ -57,9 +57,9 @@
 								<skin:buildLink href="#application.url.webtop#/edittabOverview.cfm" urlParameters="typename=dmNavigation&objectID=#qAncestors.objectid#" linktext="#qAncestors.objectName#" />
 							<cfoutput>&nbsp;&raquo;&nbsp;</cfoutput>
 						</cfloop>
-						<cfoutput>#stobj.label#</cfoutput>
+						<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.label)#</cfoutput>
 					<cfelse>
-						<cfoutput>#stobj.label#</cfoutput>
+						<cfoutput>#application.fc.lib.esapi.encodeForHTML(stobj.label)#</cfoutput>
 					</cfif>
 				</cfif>
 			
@@ -90,7 +90,7 @@
 	<!--- show common properties --->
 	<cfif structKeyExists(stobj, "teaser")>
 		<ft:field label="Teaser" bMultiField="true">
-			<cfoutput><cfif len(stobj.teaser)>#stobj.teaser#<cfelse>-- none --</cfif></cfoutput>
+			<cfoutput><cfif len(stobj.teaser)>#application.fc.lib.esapi.encodeForHTML(stobj.teaser)#<cfelse>-- none --</cfif></cfoutput>
 		</ft:field>
 	</cfif>
 	<cfif structKeyExists(stobj, "displayMethod")>
diff --git a/webskin/types/webtopOverviewTab.cfm b/webskin/types/webtopOverviewTab.cfm
index b2e52a21f..80ffc526c 100644
--- a/webskin/types/webtopOverviewTab.cfm
+++ b/webskin/types/webtopOverviewTab.cfm
@@ -157,7 +157,7 @@ FARCRY INCLUDE FILES
 		<cfelse>
 			<i class="fa fa-file"></i>
 		</cfif>
-		#stobj.label#
+		#application.fc.lib.esapi.encodeForHTML(stobj.label)#
 	</h1>
 </cfoutput>