New post

#CSP

7

Caché Server Pages (CSP) is both an architecture and toolset used to build an interactive web applications with the InterSystems Data Platform.

Hello,

First of all thanks for your time reading this doubt.

We have discovered the following behaviour. Inside a Router we have a roule which needs to filter out the ADT_A08 messages which have not OBXs.

The legacy system had this rule implemented:

(((Document.{OBX(1).SetIDOBX}<"1")||((Document.{EVN:EventReasonCode}!="COD")&&(Document.{EVN:EventReasonCode}!="FIN")))

However we have tested it and it does not filter out the ADT_A08 messages.

0 5
0 132

I have a CSP page that throw a "414 error - Request-URI Too Long" when I put lot of text (eg : 10000 characters) into a field of a submitted form. The form is submitted using POST method.

Based on some experiments I made, it seems the max size of a URL is around 8200 characters.

What is the official limit, and is there a way to increase it ? I searched in the documentation but couldn't find anything.

1 5
0 2K

Hello, I'm trying to install CSP Gateway on Ubuntu 18.04 (Apache) with the installer CSPGateway-2018.1.1.638.0-lnxubuntux64.tar.gz but it doesn't seem to work. I keep getting access-denied when I try to open CSP-pages or the CSP Management portal.

Does someone have an installation-manual or so ?

0 5
0 980

I am working on an angular applications and build a web application (Rest API) on IRIS for health, the web application uses a password authentication and setup with the default csp session time out (15 minutes). If the user make an REST API call from the angular application after the session expired, it displays a login prompt...is that anyway that we can disable the login prompt and just simply return http status 401? When the angular application received the status 401, it can redirect to angular error page.

Thanks,

Hoi

0 5
0 354

I'm currently re-engineering an application from CSP pages directly accessing COS Methods, to an Angular/Material front end accessing a REST DAL. Both the Angular front end and REST services are hosted from the same Caché instance and the same namespace, but the REST services have their own CSP application, with all calls being routed through a Dispatch class.

0 5
0 511
Article
· Jul 31, 2019 2m read
Anti CSRF Methods

IRIS provides us with anti login CSRF attack mitigation, however this is not the same as a CSRF attack, as login attacks only occur on the login form. There are currently no built-in tools to mitigate CSRF attacks on api calls and other forms, so this is a step in mitigating these attacks.

See the following link from OWASP for the definition of a CSRF attack:

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

Open Exchange app
4 5
1 633

Hello,

I'm trying to set up an Apache server using CSP Gateway on Windows 10 (64-bit), but am getting the error "Cannot load c:/InterSystems/IRIS_2019/CSP/bin/CSPa24.dll into server: %1 is not a valid Win32 application" when attempting to start up httpd.exe after adding the CSP-specific section to httpd.conf.

The CSP gateway is 64-bit (CSPGateway-2018.1.1.643.0-win_x64) and so is the Apache install (httpd-2.4.38-o102q-x64-vc14).

The CSPa24.dll file does exist in the specified location.

Any suggestions appreciated.

Thank you,

Olga

0 5
0 736

Hi there,

I'm passing a JSON object to the server as such:

{"key":"value","key":"value","key":"value"}

From the client:

- Build object

object=JSON.stringify(object)

-pass to server side method as %String

On the server:

s object={}.FromJSON(object)

Instead of getting something like

object=<OBJECT REFERENCE>[2@%Library.DynamicObject]

I get

object="991@%Library.DynamicObject"

I can't access that object using %Get as if says invalid OREF.

0 5
0 311

Hello, has anyone tried to use Caché as a reverse proxy ?

We are trying to embed a dashboard server (Plotly Dash in this case, but it could be anything which runs on its application server) inside our application which is written in Caché.
The dashboard/report server runs locally (for example, or inside a LAN) on port 8080, and has no authentication features, so we have to implement them on a different layer, and we'd like to use Caché for it.

1 5
0 456

Currently, I am working on a CSP application that is supposed to generate reports. Users will have varying access to said reports. To achieve that, I plan to use LDAP (because it's used in other systems where those users already exist). Documentation does not provide enough information, so I'd like a clarification:
Do I need to enable LDAP authentication for the whole Cache instance to use LDAP authentication in a single CSP application in that instance?

0 5
0 248

Hi!

I am not system admin. But it used to be very simple to install CSP Gateway on an apache system on Linux with Apache installed. I used to run the CSP Gateway installation program and after it was done, all I had to do was fine tune some configurations on CSP Gateway portal on http://<ip>/csp/bin/Systems/Module.cxw and I was up and running.

0 5
0 1.3K
Question
· Sep 22, 2020
VSCode and CSP - what did I miss?

Hi -

I'm trying to get my VS Code instance that is connected to an AWS IRIS instance to edit/save/compile .csp files, but it's failing to work and I'm not sure why. The ".csp" is associated with the objectscript-csp code, and the server is connected, but things just don't act like they are enabled.

Should this work? and if so, what might I have missed in configuring things?

0 5
0 757

Hi-

I am trying to create a simple example of allowing binary (tiff) files to be selected and uploaded asynchronously to an IRIS for Health back-end. I have managed to write the HTML and Javascript which works great with regular text / ascii files, but fails with binary files.

When I upload a binary file (tiff) image I get garbage like this on the database server

1 5
0 2.5K

I have an application that as part of the registration process is using reCaptcha to provide a captcha. The issue is that service is served from Google and is unavailable in certain countries, namely China. I've been researching this some and believe it's possible to proxy the requests to the Google CDN to avoid the Chinese firewall ban on Google URLs, however I'm not quite sure how to do this in CSP.


Does anyone have suggestions on how to solve this, either with a technical solution or an alternative service I can fall back to?
An example would be greatly appreciated.

0 4
0 319
Question
· Aug 31, 2023
SELECT command within CSP

The program below works perfectly when I call it directly from the Terminal, however when I call it from within a CSP it does not work (It does not do the SELECT).

In the USER namespace, the program works both in the Terminal and on the CSP , but in another namespace it only works when called directly in the Terminal.

0 4
0 232

Hi,

I am using the &sql () tag to retrieve the value from the Cache DB.

below is the piece of code i am using:

script language="cache" method="retrieveDetail" arguments="pVariable" returntype="%String"
&sql( select columnA,
into :tempVariable1
from TABLE
where COLUMNC = pVariable

quit tempVariable1

i have to return the ColumnA value back to the calling procedure.

can i know how it can be done ? since i am getting an javascript error.

1 4
0 374

We have a machine that serves 4 instances of Cache on VMS systems, one of them is password protected and works fine as they all do. we decided we wanted something beefier and copied it to a server, well all but the one you have to login to works so 3 of the 4 do. and the odd part is I can no longer get to the management page from anywhere on any machine, http://localhost/csp/bin/Systems/Module.cxw I get a 404.8 error, I have tried adjusting security and same thing. and a server availability error.

0 4
0 215

I have a case where I have an external table that lives out in MS SQL. Using Ensemble Security functions has anyone created a csp or cls page that acts like a portal to allow users to Update a multidimensional table without knowing SQL? I could clone the EnsPortal.LookupSettings but that was made for LUT which are only 2 columns.

I know its a long shot but trying to see if there was anything off the shelf that I can use to help meet the requirements of this project.

1 4
0 215