Web Development

Syndicate content 23 

IRIS provides us with anti login CSRF attack mitigation, however this is not the same as a CSRF attack, as login attacks only occur on the login form. There are currently no built-in tools to mitigate CSRF attacks on api calls and other forms, so this is a step in mitigating these attacks.

See the following link from OWASP for the definition of a CSRF attack:

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

Last comment 7 August 2019
+ 4   1 2
124

views

+ 4

rating

There are several options how to deliver user interface(UI) for DeepSee BI solutions. The most common approaches are:

  • use native DeepSee Dashboards, get web UI in Zen and deliver it in your web apps.

  • use DeepSee REST API, get and build your own UI widgets and dashboards.

The 1st approach is good because of the possibility to build BI dashboards without coding relatively fast, but you are limited with preset widgets library which is expandable but with a lot of development efforts.

The 2nd provides you the way to use any comprehensive js framework (D3, Highcharts, etc) to visualize your DeepSee data, but you need to code widgets and dashboards on your own.

Today I want to tell you about yet another approach which combines both listed above and provides Angular based web UI for DeepSee Dashboards -  DeepSee Web library.

Last comment 28 May 2019
+ 2   3 9
923

views

+ 2

rating

Intro

Most server-client communication on the web is based on a request and response structure. The client sends a request to the server and the server responds to this request. The WebSocket protocol provides a two-way channel of communication between a server and client, allowing servers to send messages to clients without first receiving a request. For more information on the WebSocket protocol and its implementation in InterSystems IRIS, see the links below.

Last comment 26 April 2019
+ 5   3 4
706

views

+ 5

rating

So, one day you're working away at WidgetsDirect, the leading supplier of widget and widget accessories, when your boss asks you to develop the new customer facing portal to allow the client base to access the next generation of Widgets..... and he wants you to use Angular 1.x to read into the department's Caché server.   

There's only one problem:  You've never used Angular, and don't know how to make it talk to Caché.

This guide is going to walk through the process of setting up a full Angular stack which communicates with a Caché backend using JSON over REST.  

Last comment 25 April 2019
+ 14   1 7
2670

views

+ 14

rating

Index to Articles

Hi All

It's been 6 weeks since my original article sad
- - - - -but I have been busy on this project smiley

I have been looking at/thinking about a replacement for ZEN for around 12 months but only really started in depth 4 months ago.
Also been in IT for long enough that I can "get a feel" for a product/technology and make decisions accordingly without going into great detail. 
Any new technology has a learning curve and I don't want to waste time and effort on something that won't fly. 
And, as always, I am looking to minimise the learning curve as I want to concentrate on delivering business benefit. 

Last comment 11 April 2019
+ 15   0 4
497

views

+ 15

rating

Index to Articles

Published 2018-05-11 Last edit -

Hi All

I this article I detail some strategic issues that a new development UI will need to address - these are the ones that I can think of now - others may come to light during this journey.

See the webinar by Eduard Lebedyuk here from the last Global Summit describing  modern web development and Caché

And, as always, if I have missed something please comment....

Last comment 8 April 2019
+ 13   2 6
746

views

+ 13

rating

Hi All
This is the index to a series of articles I hope to create over the coming months.

ZEN and ZEN Mojo are no longer being actively developed by Intesystems - this is a great shame as it is a fine product that works so well for business applications.
However ZEN is a 15 year old product and I need a path forward to replace the ZEN UI with a supported development framework.

This article is an index of the other articles I have, or plan to write. - the articles will be subject to change as I develop my thoughts and climb the learning curve.

Last comment 5 April 2019
+ 12   0 7
766

views

+ 12

rating

Intro

 

Please note, this article is considered deprecated, check out the new revision over here: https://community.intersystems.com/post/tutorial-websockets

The goal of this post is to discuss working with Websockets in a Caché environment. We are going to have a quick discussion of what websockets are and then talk through an example chat application implemented on top of Websockets.

Last comment 28 January 2019
+ 12   4 19
7583

views

+ 12

rating

This post is intended to guide you through the new JSON capabilities that we introduced in Caché 2016.1. JSON has emerged to a serialization format used in many places. The web started it, but nowadays it is utilized everywhere. We've got plenty to cover, so let's get started.

Last comment 11 January 2019
+ 32   1 33
7344

views

+ 32

rating

InterSystems products (IRIS, Caché, Ensemble) already include a built-in Apache web server. But the built-in server is designed for the development and administration tasks and thus has certain limitations. Though you may find some useful workarounds for these limitations, the more common approach is to deploy a full-scale web server for your production environment. This article describes how to set up Apache to work with InterSystems products and how to provide HTTPS access. We will be using Ubuntu, but the configuration process is almost the same for all Linux distributions.

Last comment 25 December 2018
+ 4   7 4
471

views

+ 4

rating

Not everyone knows that InterSystems Caché has a built-in tool for code profiling called Caché Monitor.

Its main purpose (obviously) is the collection of statistics for programs running in Caché. It can provide statistics by program, as well as detailed Line-by-Line statistics for each program.

Using Caché Monitor

Let’s take a look at a potential use case for Caché Monitor and its key features. So, in order to start the profiler, you need to go to the terminal and switch to the namespace that you want to monitor, then launch the %SYS.MONLBL system routine:

Last comment 14 December 2018
+ 3   7 2
454

views

+ 3

rating

So, one day you're working away at WidgetsDirect, the leading supplier of widget and widget accessories, when your boss asks you to develop the new customer facing portal to allow the client base to access the next generation of Widgets..... and he wants you to use Angular 1.x to read into the department's Caché server.   

There's only one problem:  You've never used Angular, and don't know how to make it talk to Caché.

This guide is going to walk through the process of setting up a full Angular stack which communicates with a Caché backend using JSON over REST.  

Last comment 13 December 2018
+ 16   3 10
3645

views

+ 16

rating

In this article, I would show how you can upload and download files from InterSystems products via http.

The questions about working with files over http arise fairly often on community and I'm usually linking to my FileServer project which demonstrates file upload/download but I'd like to talk a bit more on how we can serve and receive files from InterSystems products.

Last comment 26 November 2018
+ 3   3 2
582

views

+ 3

rating

This code snippet provides a ZEN page that downloads a stream from its database directly:


/// We assume that you have stored your data within this schema:
/// MyApp.Model.Storage: Filename,FileSize,Content,ContentType
Class zen.downloadStream Extends (%ZEN.Component.page,%CSP.StreamServer)
{
 
    /// Wrapper to get the id of the download, we assume that the id is passed to this zen page
    /// as a URI parameter, i.e.: MyApp.Downloads.cls?OID=1234
    ClassMethod GetId()
    {
        Quit $Get(%request.Data("OID",1))
    }
     
    /// Set the appropriate header for the file.
    ClassMethod OnPreHTTP() As %Boolean
    {
        Set tId = ..GetId()
     
        If ##Class(MyApp.Model.Storage).%ExistsId(tId) {
            Set tStream = ##Class(MyApp.Model.Storage).%OpenId(tId)
            // You could "guess" the content type by its file extension
            // or you can store it (before) in the database separately (like in this example).
            // Set Extension = $Piece(tStream.Filename,".",$Length(tStream.Filename,"."))
            // Set ContentType = ..FileClassify(Extension)
     
            Set %response.ContentType = tStream.ContentType
            Do %response.SetHeader("content-disposition","attachment; filename="_tStream.Filename)
            Do %response.SetHeader("Content-Length",tStream.FileSize)
        }
        Else {
            Set %response.Status="404 File Not Found"
            Quit 0
        }
        Quit $$$OK
    }
     
    ClassMethod OnPage() As %Status
    {
        Set Download = ##Class(MyApp.Model.Storage).%OpenId(..GetId())
        Do Download.Content.OutputToDevice()
        Quit $$$OK
    }
 
}

Link to code on GitHub

Last comment 9 October 2018
+ 1   2 2
171

views

+ 1

rating

or "Bonus Breakage"

In our last lesson, we added a relationship between 2 persistent classes.  We are clearly going to need to start creating REST Services to expose CRUD operations for each of these classes, but before we do that, we should really finish defining our linkages.  We added code to our Widget toJSON to spool off related Accessory data, so we should really do the reciprocal and allow Accessories to return all Widgets that are compatible.

Last comment 24 September 2018
+ 3   1 2
546

views

+ 3

rating

or "Didn't you say you would cover Persistent Objects in Part 5, Chris?"

Yes, that was the plan.  This is a pretty important topic, so it get's its own Article

Up until now, we've display widget JSON that has been created by a basic loop.  Clearly this isn't of much value.  Now we have our stack connected together, and we can see that the data is flowing to the Welcome page, it's time to complete the stack and start feeding our service from "real" data.

Last comment 4 July 2018
+ 2   0 3
843

views

+ 2

rating

In this article I would like to present the RESTForms project - generic REST API backend for modern web applications.

The idea behind the project is simple -after I wrote several REST APIs I realized that generally, REST API consists of two parts:

  • Work with persistent classes
  • Custom business logic

And, while you'll have to write your own custom business logic, RESTForms provides all things related to working with persistent classes right out of the box.
Use cases

  • You already have a data model in Caché and you want to expose some (or all) of the information in a form of REST API
  • You are developing a new Caché application and you want to provide a REST API
Last comment 17 May 2018
+ 12   3 8
3304

views

+ 12

rating

This series of articles aims to address the following topics:

  • Creation of a web application based on REST pages;
  • Overview of some tools for tracing (debugging) HTTP requests;
  • Switching from hyperevents to... hyperevents;
  • Integration with jQuery File Upload;
  • Conversion of JSON from the {id:1,parentId:1} format to the {id:1,children:[{}]} format for tree visualization;
  • Integration with jQuery EasyUI (using datagrid and tree as examples);
  • Other topics.

Last comment 8 March 2018
+ 4   0 3
589

views

+ 4

rating

In our last lesson, we implemented a new REST Service to allow us to perform CRU operations on Widgets, and refactored our Controllers to allow the page setup to be decouple from the content.

Last comment 2 March 2018
+ 3   0 6
584

views

+ 3

rating