Article
· Jul 31, 2019 2m read
Anti CSRF Methods

IRIS provides us with anti login CSRF attack mitigation, however this is not the same as a CSRF attack, as login attacks only occur on the login form. There are currently no built-in tools to mitigate CSRF attacks on api calls and other forms, so this is a step in mitigating these attacks.

See the following link from OWASP for the definition of a CSRF attack:

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

4 5
1 703

Hi All,

I have created a REST class in which have the Parameter HandleCorsRequest = 1;

I can able to access the API using Postman, but not with my web application. It throws the below error.

Access to XMLHttpRequest at 'http://localhost:52773/IrisVSCode/app/test' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

0 5
0 16.1K

or "Didn't you say you would cover Persistent Objects in Part 5, Chris?"

Yes, that was the plan. This is a pretty important topic, so it get's its own Article

Up until now, we've display widget JSON that has been created by a basic loop. Clearly this isn't of much value. Now we have our stack connected together, and we can see that the data is flowing to the Welcome page, it's time to complete the stack and start feeding our service from "real" data.

2 4
0 1.5K

Hoping someone can help.

I had posted a similar question outside this group a while ago "Errors requesting data from local Ensemble FHIR Repository" but haven't had the chance to follow up on it since. It was suggested I re-post inside this group.

I'm trying to request data from my local FHIR repository using a simple JavaScript client and am getting the following CORS errors . ( It is a standalone client not inside HealthShare without CSP etc. on my localhost ).

0 4
0 1.2K

Hi all,

The last time I used CSP was back in 2008, so I am very rusty on it.
This question might have been asked many times, and the answer probably is that it is a matter of preference.

Are there scenarios to which CSP pages is easier/better to use than classes extending from %CSP.Page?
I want to build a little thing and don't want to start at the wrong end.
Doing an API-based, heavy client-side framework is not a requirement, and I would prefer not to do it that way.

Some of the criteria

1 4
0 314
Article
· Sep 22, 2024 5m read
Database Management Tool

Introduction

Managing databases and performing CRUD operations are fundamental tasks for developers building data-driven applications. While many database management systems (DBMS) exist, they can be complex and cumbersome to interact with, especially when it comes to creating databases and tables, handling constraints, and performing real-time data operations through an API.

8 4
0 196

This is a quick note on what happens when, on your CSP page, you call a cache script which returns a %Boolean and store that value in a javascript variable.

When you call a script with language="cache" and returntype="%Boolean" from a javascript script, the return value is interpreted as a string, not as a boolean.

Here's an example:

A cache script that returns (in theory) a "false" value:

0 3
0 558

or "Things are going to break"

We left our application over the weekend, secure in the knowledge that it was returning data from our primary persistent class, User.Widget. However, Widgets Direct are the premier supplier of both Widgets AND Widget Accessories, so we should really start working on adding these Accessories to our application.

2 3
0 1.4K

I have the following method call (have included html and css as well). when I debug the code in a browser, JavaScript seems to work fine. Loading image is coming up, table is getting hidden. But when I close the debug and just load the page and run it, loading image is not coming up, neither the table is hidden. Not sure what is going on? I need help to understand what I am doing wrong?

XData Style

{

<style type="text/css">

#loading {width: 100%;height: 100%;top: 0px;left: 0px;position: fixed;display: block; z-index: 99}

0 3
0 169

Hi:

I have been adapting the IRIS WHIZ addon as part of the contest. I will soon fork the code on github so the changes are available.

The next phase is I am storing the date from and to time for a more complete search cache

zenPage.getComponent(36).value

it works in the chrome console ok

I'm not sure in external JS how to set the page it is on as a zenpage to use the zenpage functions

0 3
0 81
Article
· Jul 31, 2017 5m read
Introduction to QEWD Micro-Services

In my previous posting about the new support in QEWD for JSON Web Token (JWT) support, I mentioned that it was a key step in enabling Micro-Service support in QEWD. In this post I'll give some background to how they work and the thinking behind them.

If you haven't heard about Micro-Services and/or want to learn more, there's lots of information available if you do a Google Search. Here's a good starting point:

https://smartbear.com/learn/api-design/what-are-microservices/

3 3
0 731

There's a new and exciting enhancement to QEWD that has just been released - it's an additional layer of abstraction known as QEWD-Up. QEWD-Up hides away all the mechanics of QEWD itself, allowing you to focus on just your REST APIs and the code that implements them.

Additionally, and importantly, QEWD-Up simplifies the maintenance of your REST APIs, allowing you (and others) to quickly and easily understand their life-cycle and implementation.

3 3
4 825

We finished our last lesson with our Widgets Direct page iterating over a list of widgets, displaying an ID and a Name value. While we have been able to achieve this with only a small amount of coding, the page itself is not the most visually appealing place to be. The AngularJS framework is providing a powerful Model-View-Controller framework for our structure and logic, but it does not implement anything that will provide a nice UI experience.

6 3
0 1.7K
Question
· Nov 24, 2024
Intersystems REGEX engine

I am working on a product that uses REGEX and matches it.
The regex is tested both on the client-side (using the JavaScript REGEX engine) and both on the server-side.

But I couldn't find one word about the way intersystems parses the regex, It is quite elementary to state which which engine it works with.

from what I could gather from early implementations and such, the engine is based off PCRE, But I need to confirm this somehow, Can anyone give me a definitive answer, Is there any tool to test the regex other than writing it myself??

0 2
0 134
Question
· Dec 27, 2023
Code Quality Checks: Javascript

Is it possible to get a code quality stamp of approval on the Open Exchange with an application written in Javascript?

My Iris Whiz application is a browser extension written in Javascript and I wonder if having the code quality stamp missing from my application page will put people off from using it.

0 2
0 168

or "Bonus Breakage"

In our last lesson, we added a relationship between 2 persistent classes. We are clearly going to need to start creating REST Services to expose CRUD operations for each of these classes, but before we do that, we should really finish defining our linkages. We added code to our Widget toJSON to spool off related Accessory data, so we should really do the reciprocal and allow Accessories to return all Widgets that are compatible.

3 2
1 1.2K

Whats NLP Stands For?

NLP stands for Natural Language Processing which is a field of Artificial Intelligence with a lot of complexity and
techniques to in short words "understand what are you talking about".

And FHIR is...???

FHIR stands for Fast Healthcare Interoperability Resources and is a standard to data structures for healthcare. There are
some good articles here explainig better how FHIR interact with Intersystems IRIS.

4 2
0 750

I have a query that I would like to have refreshing at certain intervals lets say every 30 seconds with out refreshing the page content using the META TAGS

refreshes the whole page but I have a jquery function that will run at those intervals that I can use the problem is getting the jquery to call my COS function or is the way to do it with pure COS

0 2
0 424