|
- Security error in a secure transaction
- Retrieval
- Accessing a password-protected URL
- Using a proxy
- Authentication headers
HTTPRequest (Function) In french: HTTPRequête Starts an HTTP request on a server. The result of the query (HEX@) can be: Remarks: - Two types of requests are supported: POST and GET. The GET requests are automatic. If the "Message to send" is not specified, it is a GET request (see the syntax). To manage forms, we recommend that you use the functions for form management (HTTPCreateForm, HTTPSendForm, ...).
// Retrieve the HTML code of "www.windev.com" Web page
ResStart = HTTPRequest("http://www.windev.com")
// Retrieve an HTML page that is using a protected URL
ResStart = HTTPRequest("http://www.windev.com", ...
"", "", "", "", "Julia", "Password")
Syntax
<Result> = HTTPRequest(<URL to contact> [, <User agent> [, <Additional HTTP header> [, <Message to send> [, <Message type> [, <User name> [, <Password>]]]]]])
<Result>: Boolean - True if the request was started,
- False if an error occurred. To get the details of the error, use ErrorInfo with the errMessage constant.
The result of the request can be saved in a backup file by HTTPDestination or it can be retrieved by HTTPGetResult.
<URL to contact>: Character string (with quotes) Address of server to contact (URL address). This parameter can contain:- the port number for connecting to the server. The default value is 80 (corresponds to a server of Web pages). To specify a port number, use the following format: "<Server URL>:<Port #>". For example: http://www.windev.com:80.
- additional parameters. These parameters can be used to perform a search or to fill a form. For example, to find "windev" on "http://www.google.com", the URL to contact will be: "http://www.google.com/search?q=windev".
Remarks: - To specify both the port number and additional parameters, use the following format: "<Server URL>:<Port #>/<Additional parameters>".
- To perform a secure transaction, the URL must start with "https://". In this case, the management mode of requests is always performed by Internet Explorer (see HTTPParameter for more details).
<User agent>: Optional character string (with quotes) Identifies the client. The application name is returned by default.
The content of the response may depend on the user agent (for example, a request performed from a mobile device and a request performed from a PC browser require different pages). In this case, see the documentation of user agent for more details.
<Additional HTTP header>: Optional character string (with quotes) - Additional HTTP header that will be added to the HTTP message,
- Empty string ("") if no HTTP header must be added.
<Message to send>: Optional character string (with quotes) HTTP message that will be sent to the server. This parameter can be specified only for a request for sending messages (POST request). The message to send must comply with the HTTP protocol used. If this parameter is specified and if it is not empty, it is a POST request; otherwise, it is a GET request (everything else is automatic). <Message type>: Optional character string (with quotes) Type of content of HTTP message that will be sent to the server. This parameter can be specified only for a request for sending messages (POST request). This parameter corresponds to "Content-Type".
By default, the message type corresponds to: "application/x-www-form-urlencoded".
However, you have the ability to use any value, for example: "text/xml", "application/javascript", "application/json", "application/xml", "image/jpeg", ...
 Versions 16 and laterTo send rough data that will be read at once by the WEBDEV application server, use the following types: - "application/octet-stream".
- "text/xml".
 New in version 16To send rough data that will be read at once by the WEBDEV application server, use the following types: - "application/octet-stream".
- "text/xml".
- "application/octet-stream".
- "text/xml".
<User name>: Optional character string (with quotes) Name used to access a page with a protected URL (empty string by default). This name is used to identify the user.Remark: If ..UserName and ..Password are specified, the corresponding "Authorization:Basic" is automatically generated in the request header.
<Password>: Optional character string (with quotes) Password associated with the user name (empty string by default). Used to access a page with a protected URL. Caution: The password is not encrypted when it is sent on Internet.Remark: If ..UserName and ..Password are specified, the corresponding "Authorization:Basic" is automatically generated in the request header.
Remarks Security error in a secure transaction During a secure transaction, the request may fail due to security errors: - invalid certificate or certificate coming from an unknown company.
- the name of the site specified in the certificate does not correspond to a server.
- invalid or expired certificate date.
- redirection to a non-secure server.
- ...
If one of these errors occurs, you can re-run the request while ignoring the errors. To do so, use the HTTP.IgnoreError variable. The HTTP.IgnoreError variable can also be used to manage special cases during the secure transactions (ignoring the list of revoked certificates for example). | | | Error returned by ErrorInfo
(with the errCode constant) | Value of HTTP.IgnoreError
(these values can be combined) | Description |
|---|
httpErrorInvalidCertificate
Invalid certificate or certificate coming from an unknown company | httpIgnoreInvalidCertificate | The certificate is ignored. | httpErrorInvalidCertificateName
The site name specified in the certificate does not correspond to a server | httpIgnoreInvalidCertificateName | The site name specified in the certificate is ignored. | httpErrorExpiredCertificate
Invalid or expired certificate date | httpIgnoreExpiredCertificate | The certificate date is ignored | httpErrorRedirectToHTTP
Redirection to a non-secure server | httpIgnoreRedirectToHTTP | The redirection to a non-secure server is allowed. | httpIgnoreRedirectToHTTPS
Redirection to a secure server | httpIgnoreRedirectToHTTPS | The redirection to a secure server is allowed. | | httpIgnoreRedirection | The redirection to a page is ignored. | | httpIgnoreRevocation | The certificate found in the list of revoked certificates is not checked. |
For example:
// Start a request on a secure server
ResStart = HTTPRequest("https://www.MyServer.com")
// If an error occurs
IF ResStart = False THEN
// According to the type of error
SWITCH ErrorInfo(errCode)
// Invalid certificate
// or coming from an unknown company
CASE httpErrorInvalidCertificate:
// Ignore the certificate?
IF YesNo("Security alert detected!", ...
"Invalid certificate.", ...
"Ignore this certificate?") = Yes THEN
HTTP.IgnoreError = httpIgnoreInvalidCertificate
// Start the request again
// while ignoring this error
HTTPRequest("https://www.MyServer.com")
END
// Invalid or expired certificate date
CASE httpErrorExpiredCertificate:
// Ignore the certificate date?
IF YesNo("Security alert detected!", ...
"Certificate date invalid or expired.", ...
"Ignore this date?") = Yes THEN
HTTP.IgnoreError = httpIgnoreExpiredCertificate
// Start the request again
// while ignoring this error
HTTPRequest("https://www.MyServer.com")
END
END
END
Remarks: - When the HTTP queries are run in several threads, the HTTP.IgnoreError variable has a specific value for each thread.
Retrieval HTTPGetResult is used to retrieve the result of last HTTP request run. - the function HTTPGetResult used with the constant httpResult always returns a string Void ("").
- HTTPGetResult associated with the httpHeader constant always returns the header of the HTTP response. This header is not saved in the destination file: only the data is saved.
When the request is over, the destination is canceled and HTTPRequest operates as usual.
This page is also available for…
|
|
|
| |
| Click [Add] to post a comment |
|
| |
|
| |
| |
| |
| |
| |
| |
| | |
| |