In HTML world, we have two sides. Server and Browser. Upload means that some users far from our server can choose the file on their machines and upload it to the server through the network. The server will get full this file and only filename. You can't get file path because it is useless to you. If you would run this file in a browser and try to choose any your local file then push upload file button. You will get some information about this file, like for me.

Second parameter test flag in method Post can help you to understand what you send and what do you receive from the destination server.

 If test is 1 then instead of connecting to a remote machine it will just output what it would have send to the web server to the current device, if test is 2 then it will output the response to the current device after the Post.

s sc = httprequest.Post("/api/v0/bwxpert/visiocheck/account", 1)

should show something like

POST /api/v0/bwxpert/visiocheck/account HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; Cache;)
Host: 194.2.225.126
Accept-Encoding: gzip
Authorization: Basic X1N5c3RlbTpTWVM=
Content-Length: 2
Content-Type: application/json
 
{}

And I think in your case error in this line

d httprequest.EntityBody.Write(json)

Write method expects to see string, but I think you put some JSON object here. So, you have to change it.

d httprequest.EntityBody.Write(json.%ToJSON())

Some notice, put full address with server name and port to Post is redundant, while you already use this address for particular properties.

PS: It is not secure to publish IP to your publicly available server. As a moderator I replaced your IP to localhost, and fixed formatting.

It is very interesting and quite difficult question. Depends on how modern your application and how you build it.

The modern way to build web-application means that you use some web-frameworks such as Angular, React and so on. In this case, most of you frontend staff in Javascript/Typescript and even such pages can be already on the client side when user open your application. And it means that you can use some guardians to prevent access to some pages. But how to decide which user can have access which not. You have to ask about permissions from your server. And on server-side, you will have REST service which should AccessToken from browser to authorize all requests and return data which available by permissions for this user. REST service can even use or not session because with every request you will get information about the user from Access-Token. 

 I am having only one issue related to getting the SSH daemon to run on when the container starts.

Dou you need it for local use, just to have access to the console or you have to share console access outside?

In case if you need local access, you can use docker exec command to get access inside of your container and run command.

docker exec -it 'container_name' csession 'instance_name' -UUSER

if you have to share access, I think it is also possible to achieve but with the second container and links between.

(& and !) can be used almost everywhere, but not recommended because both operands will be calculated. And sometimes it can cause some unexpected behaviour. Look at my example

USER>set a=1 if a!$i(a) zw a
a=2

even when the first expression already truth second one also calculated and increased the value

USER>set a=1 if a||$i(a) zw a
a=1

In this case, the first expression already truthy, and in OR condition it's enough to make full logical expression truthy as well, and not need to calculate the second expression.

right from the documentation

You can combine multiple Boolean logical expressions by using logical operators. Like all Caché expressions, they are evaluated in strict left-to-right order. There are two types of logical operators: regular logical operators (& and !) and short-circuit logical operators (&& and ||).

When regular logical operators are used to combine logical expressions, Caché evaluates all of the specified expressions, even when the Boolean result is known before all of the expressions have been evaluated. This assures that all expressions are valid.

When short-circuit logical operators are used to combine logical expressions, Caché evaluates only as many expressions as are needed to determine the Boolean result. For example, if there are multiple AND tests, the first expression that returns 0 determines the overall Boolean result. Any logical expressions to the right of this expression are not evaluated. This allows you to avoid unnecessary time-consuming expression evaluations.

Some commands allow you to specify a comma-separated list as an argument value. In this case, Caché handles each listed argument like an independent command statement. Therefore, IF x=7,y=4,z=2 is parsed as IF x=7 THEN IF y=4 THEN IF z=2, which is functionally identical to the short-circuit logical operators statement IF (x=7)&&(y=4)&&(z=2).