#CSP

I am doing a form POST to myself (same class) and when I do the form action it gets a page similar to the error page but just says:

Invalid action

There is nothing in the application error log. How can I troubleshoot this?

I am trying to get the value of a Submit button on a CSP object page.

<input type="Submit" value="Assign" name="action" id="action">

I tried getting it thru $GET(%Request.Data("action")), but it throws an Undefined error. Isnt $GET supposed to handle it if its undefined anyway?

How do I get the "value" of the button pushed when the form is set to POST?

I am attempting to follow the tutorial at Publishing Web Services Using Caché | Caché Web Services QuickStart Tutorial | Caché & Ensemble 2018.1.4 – 2018.1.11 to build a toy SOAP web-service using Cache but am running into what I suspect are permissions issues, or perhaps setting up the "plumbing" to get an incoming request to call the web-service methods.

I am trying to log in to the Web Gateway Management and I have missed placed the password to access the system I have tried

We have a machine that serves 4 instances of Cache on VMS systems, one of them is password protected and works fine as they all do. we decided we wanted something beefier and copied it to a server, well all but the one you have to login to works so 3 of the 4 do. and the odd part is I can no longer get to the management page from anywhere on any machine, http://localhost/csp/bin/Systems/Module.cxw I get a 404.8 error, I have tried adjusting security and same thing. and a server availability error.

Hi developers!

While developing web apps the security practice I consider safe and convenient is to create a special Role (e.g. equal application name) which contains security resources which application will need (SQL tables, priviledges, database access, etc) and assign it to the Web Application.
So the user gets this role once it loggs in to the application (via password, no password or delegated).

Convenient, right?

So, the question is, when I deploy the app as an IPM module what should I put as a database access?

Hey, So the title pretty much describes the question:
Where and How can i see the Stream that contains the response back to the client of a CSP application.

When the request is being processed and finished we return a response to the client - We do that by writing the data to a stream and that stream is sent back to the client.
I wanted to know how i can access the point right before that Data is actually written to the client back (meaning the place where the response is actually being send back, the last point of contact).

We are currently looking into a way to provide a group of end-users (i.e. non-Interface Development engineers) access to a pre-defined group of Ensemble-based Data Lookup Tables for purposes of viewing and editing. We do not want to give them access to ALL Data Lookup Tables due to security/continuity concerns.

My thinking is that a simple persistent Cache table with three columns (Role Name, Table Name, Access-Level [like View or Edit]) with a CSP front-end could potentially provide an easy way to make this solution a reality.

Hi Community,

I have a CSP page I am developing with the intent of pulling files from an SFTP site and placing them in a folder on the local network.

I am having an issue where the CSP page is catching a JS error. The error in the browser is - A JavaScript exception was caught during execution of HyperEvent: SyntaxError: Unexpected identifier 'downloading'. (However, the unexpected identifier changes after refreshing page, or after removing the Write statement with the work 'downloading' in it.)

I think I have narrowed it down to a piece of the Javascript code -

Is there any mechanism already implemented in IRIS to prevent XSS exploits ?

This case happen when user input html/javascript content into fields and submit the page. If saved content is rendered as is, it's going to be executed by anyone visiting the page.

What I am looking for :

Hi everybody,

I'm modifying a REST interface for a client but it seems impossible to me to modify HTTP Response Status and including custom HTTP Headers either.

My dispatch class (extending %CSP.REST) is contacted through a POST request and the latter is processed in a custom class (extending %CSP.REST as well) accessed as shown in the example below:

<Route Url="/test" Method="POST" Call="Custom.Test:Process" />

Within the processing class I tried executing the following statements with no success:

I'm trying to rewrite a legacy portal created with all .csp files into a portal written in .cls files. The problem I have is that the old cap pages use "csp:include page='page.csp'> tags. I'm trying to use the Include method that is in the %CSP.Page master page. It doesn't seem to insert the required file. Any suggestions?

Hello,

First of all: thanks for your help, and thank you for your time.

Thanks for your time.

We have the following situation:

We are in a BPL, and we have defined 4 <call> asynchronous as follows:

First one name: "Enviar a Proceso NEGRIN"

The second one, named as: "Enviar a Proceso HUNSC"

We have a CSP pages script, which gets and sets a cookie for email tracking purposes, we had problems with cookies not being passed to this script when the URL was opened from an email client due to being cross-site, so I set Session Cookie Scope & User Cookie Scope to None instead of Strict.

This solved the issue with cookies not being passed, however the script entirely does not work anymore due to the error:

"Invalid CSP response cookie. SameSite cannot be set to None without Secure. : CSP Error"