Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Web Server - Ask For Help / Input filtering
« on: May 07, 2014, 08:46:16 AM »
Hello-
Are there extensions to the p_web.GetValue() method that would add character filtering and/or length filtering?
Background:
We're building an interface between Salesforce and our web application. As part of their security review of the interface, they also (we didn't ask) did a review of our web application. Interesting findings, but one was Cross Site Scripting problem. Here they suggested adding a whitelist of characters that each field would be validated against.
In reviewing the finding, I don't think that the problem was actually caused by our server, but from APEX code (Salesforce dev environment), but I want to check in case I needed to this as well.
Currently I have "Parse" methods that take GetValue returns and convert them into clarion values. So far I have: ParseBoolean (converts on/off,true/false,1/0), ParseDate(deformat), ParseAmount(strip commas and non-numeric characters) and ParseText(to handle new-lines) to handle values. String values I haven't touched, but could another method.
If you have these corresponding methods, i would use them instead...
Thanks,
Gordon
Are there extensions to the p_web.GetValue() method that would add character filtering and/or length filtering?
Background:
We're building an interface between Salesforce and our web application. As part of their security review of the interface, they also (we didn't ask) did a review of our web application. Interesting findings, but one was Cross Site Scripting problem. Here they suggested adding a whitelist of characters that each field would be validated against.
In reviewing the finding, I don't think that the problem was actually caused by our server, but from APEX code (Salesforce dev environment), but I want to check in case I needed to this as well.
Currently I have "Parse" methods that take GetValue returns and convert them into clarion values. So far I have: ParseBoolean (converts on/off,true/false,1/0), ParseDate(deformat), ParseAmount(strip commas and non-numeric characters) and ParseText(to handle new-lines) to handle values. String values I haven't touched, but could another method.
If you have these corresponding methods, i would use them instead...
Thanks,
Gordon
2
Web Server - Ask For Help / Re: NT 8 Conversion
« on: May 06, 2014, 07:47:42 AM »
Hello Bruce-
Thanks!
BTW, wouldn't it make sense to cache on the url including arguments instead of just the file name? For me this means I wouldn't have to change between production and test modes. In production mode the cache busting doesn't happen from the client side.
Or perhaps look to see if the date of the file has changed.
Regards,
Gordon
Thanks!
BTW, wouldn't it make sense to cache on the url including arguments instead of just the file name? For me this means I wouldn't have to change between production and test modes. In production mode the cache busting doesn't happen from the client side.
Or perhaps look to see if the date of the file has changed.
Regards,
Gordon
3
Web Server - Ask For Help / NT 8 Conversion
« on: May 05, 2014, 01:33:27 PM »
Hi All-
Been a while since I've posted here, but here goes.
Finally moved from NT5 all the way to 8. Broke a few things along the way, but all seems to be working fine now. The only exception is something that is mostly annoying;
We use a lot of custom javascript files in the development process. After I've made a change to any of these files, I usually press CTRL-F5 to force a refresh in the browser to continue testing and/or debugging of the javascript. Instead of the changed js file being loaded, the original is loaded again.
This was not happening with NT5. In addition, the framework we're using dynamically loads the js files and provides a cache-busting argument on the url as in: http://localhost:88/ep/lib/ux/UpdateButtons.js?_dc=1399325165969 that doesn't seem to have any effect.
The only way I can get the new js file to load is to restart the web server.
Is there some caching going on in the nt server? Is there a setting that would fix this?
Thanks,
Gordon
Been a while since I've posted here, but here goes.
Finally moved from NT5 all the way to 8. Broke a few things along the way, but all seems to be working fine now. The only exception is something that is mostly annoying;
We use a lot of custom javascript files in the development process. After I've made a change to any of these files, I usually press CTRL-F5 to force a refresh in the browser to continue testing and/or debugging of the javascript. Instead of the changed js file being loaded, the original is loaded again.
This was not happening with NT5. In addition, the framework we're using dynamically loads the js files and provides a cache-busting argument on the url as in: http://localhost:88/ep/lib/ux/UpdateButtons.js?_dc=1399325165969 that doesn't seem to have any effect.
The only way I can get the new js file to load is to restart the web server.
Is there some caching going on in the nt server? Is there a setting that would fix this?
Thanks,
Gordon
4
Web Server - Ask For Help / Re: xml file upload
« on: July 05, 2012, 12:21:26 PM »
Hello Bruce-
Thanks! That works great. This is a file generated by the app to simulate the SendTo functionality with a browse. What I did was add to the _SendFile method in the WebHandler procedure the following:
Thanks! That works great. This is a file generated by the app to simulate the SendTo functionality with a browse. What I did was add to the _SendFile method in the WebHandler procedure the following:
Code: [Select]
!! Set content disposition for generated excel files
IF LEFT(CLIP(loc:filename), 3) = '$$$' |
AND RIGHT(CLIP(loc:filename), 9) = 'excel.xml'
SELF.HeaderDetails.ContentDisposition = 'attachment; filename="'&CLIP(loc:filename)&'"'
PARENT._SendFile(p_FileName,p_header)
RETURN
END
5
Web Server - Ask For Help / xml file upload
« on: July 03, 2012, 05:29:11 PM »
Hi All-
I'm trying to use a technique that I've seen from other web apps where an Excel report is generated as an xml file and then when opened in a browser, Excel will automatically open the file as a spreadsheet.
The attached file is such an output file. When opened in windows, the file opens properly. When accessed through firefox served up through a nettalk server I get an error.
Any ideas on how to make this work? My current work around is to give the file n xls extension. I get an error, but the file will open. Perhaps setting a content type?
Regards,
Gordon
[attachment deleted by admin]
I'm trying to use a technique that I've seen from other web apps where an Excel report is generated as an xml file and then when opened in a browser, Excel will automatically open the file as a spreadsheet.
The attached file is such an output file. When opened in windows, the file opens properly. When accessed through firefox served up through a nettalk server I get an error.
Any ideas on how to make this work? My current work around is to give the file n xls extension. I get an error, but the file will open. Perhaps setting a content type?
Regards,
Gordon
[attachment deleted by admin]
6
Web Server - Ask For Help / Re: Running multiple instances of the same server
« on: August 24, 2011, 08:48:20 AM »
My Bad-
This was a problem with how I had self service setup.
Thanks,
Gordon
This was a problem with how I had self service setup.
Thanks,
Gordon
7
Web Server - Ask For Help / Running multiple instances of the same server
« on: August 24, 2011, 07:59:42 AM »
Hi There-
I have a nettalk server that is limited to a single database (remember Bruce, we tried to change that without success). I'd like to just have different instances of the app running using different ports. It appears that somewhere it checks for this and I get a message: "Warning xxxx cannot load as another instance is already running.". The second copy is in a different folder, but I still get the error.
Is this a NetTalk error? Is there a way to get around this?
Thanks,
Gordon
I have a nettalk server that is limited to a single database (remember Bruce, we tried to change that without success). I'd like to just have different instances of the app running using different ports. It appears that somewhere it checks for this and I get a message: "Warning xxxx cannot load as another instance is already running.". The second copy is in a different folder, but I still get the error.
Is this a NetTalk error? Is there a way to get around this?
Thanks,
Gordon
8
Web Server - Ask For Help / Re: Filling in PDF Forms
« on: April 05, 2011, 11:04:44 AM »
Hi Ron-
Unless I'm way off base as far as web PDF's are concerned, if you are trying to get a windows like experience where you display the form as part of your app and capture the data the user filled in, it's not going to happen. Once you push the PDF out to the user, the only way to get the form back is to have the user save the PDF and then upload back to the server. Probably too many steps and way to hard for the typical user.
You might look at capturing the input in a web form (that's what NetTalk is all about) and then pushing the filled in form back to the user. In this case, it would be only for the user to verify.
HTH,
Gordon
Unless I'm way off base as far as web PDF's are concerned, if you are trying to get a windows like experience where you display the form as part of your app and capture the data the user filled in, it's not going to happen. Once you push the PDF out to the user, the only way to get the form back is to have the user save the PDF and then upload back to the server. Probably too many steps and way to hard for the typical user.
You might look at capturing the input in a web form (that's what NetTalk is all about) and then pushing the filled in form back to the user. In this case, it would be only for the user to verify.
HTH,
Gordon
9
Web Server - Ask For Help / Re: Default CSS colors
« on: April 05, 2011, 09:18:42 AM »
Thanks Bruce,
Now that I know what it is supposed to be, I've fixed mine as well. It always amazes me what people focus on. We demoed our employee portal to our resellers and they liked everything they saw, but we must have spend 15 minutes talking about the colors that you can use and the ones that weren't working.
Regards,
Gordon
Now that I know what it is supposed to be, I've fixed mine as well. It always amazes me what people focus on. We demoed our employee portal to our resellers and they liked everything they saw, but we must have spend 15 minutes talking about the colors that you can use and the ones that weren't working.
Regards,
Gordon
10
Web Server - Ask For Help / Default CSS colors
« on: April 04, 2011, 01:10:21 PM »
Hi Bruce;
Just a tweak is needed for your shipping styles. I'm using the various colors as part of a span tag and I allow the user to specify the colors that they wish to use. All the colors except purple and teal work. I'm not quite sure why it's not working though since the hex code looks correct. I've attached a screen shot to see if that helps.
Regards,
Gordon
[attachment deleted by admin]
Just a tweak is needed for your shipping styles. I'm using the various colors as part of a span tag and I allow the user to specify the colors that they wish to use. All the colors except purple and teal work. I'm not quite sure why it's not working though since the hex code looks correct. I've attached a screen shot to see if that helps.
Regards,
Gordon
[attachment deleted by admin]
11
Web Server - Ask For Help / Re: Popups from "Other" buttons on Browses and Forms
« on: March 25, 2011, 07:44:20 AM »
Thanks Bruce!
12
Web Server - Ask For Help / Re: Themes
« on: March 24, 2011, 01:06:46 PM »
Hi Bruce-
Another place that is a problem is where I have a local "Display" variable that spans the prompt/value/comment area. The same color scheme causes the text to be written in white. I added ' nt-prompt' to the CSS Class to fix the problem, but it's not ideal.
See attached screen shot for sample:
[attachment deleted by admin]
Another place that is a problem is where I have a local "Display" variable that spans the prompt/value/comment area. The same color scheme causes the text to be written in white. I added ' nt-prompt' to the CSS Class to fix the problem, but it's not ideal.
See attached screen shot for sample:
[attachment deleted by admin]
13
Web Server - Ask For Help / Re: Disable serving other pages
« on: March 24, 2011, 12:44:54 PM »
Thanks Bruce, That's what I was looking for.
Gordon
Gordon
14
Web Server - Ask For Help / Disable serving other pages
« on: March 16, 2011, 09:21:37 AM »
Hi All-
I am assuming that this can be done, but I'm not sure where to trap this; I know that the Nettalk server automatically serves up any files that are in the web folder. I'd like to keep this functionality, but only allow this to occur when the user is logged in. Should I add code to the _SendFile method in the web handler? How do I cause a 404 error if the user is not logged in? Is this the correct place?
Thanks in advance,
Gordon
I am assuming that this can be done, but I'm not sure where to trap this; I know that the Nettalk server automatically serves up any files that are in the web folder. I'd like to keep this functionality, but only allow this to occur when the user is logged in. Should I add code to the _SendFile method in the web handler? How do I cause a 404 error if the user is not logged in? Is this the correct place?
Thanks in advance,
Gordon
15
Web Server - Ask For Help / Re: Slow filtering
« on: March 16, 2011, 08:53:34 AM »
Are these tps files or SQL tables?
Typically browses in Nettalk will work the same as a regular clarion app. Any slowness can be improved by adding the proper indexes to the table.
HTH,
Gordon
Typically browses in Nettalk will work the same as a regular clarion app. Any slowness can be improved by adding the proper indexes to the table.
HTH,
Gordon