| Server:basexml |
| Instance:SOAXML |
| User:UnknownUser |
 |
|||
| Private Storage | |||
The %CSP.Page object serves as an event handler for CSP requests. All .csp
pages by default derive from %CSP.Page, although you can override this using the <CSP:CLASS>
tag. CSP Servlets can be created by deriving a class from %CSP.Page, see
|
|
|
|
|
|
Specifies the default character set for the page. This can be overriden using the <CSP:CONTENT CHARSET=> tag, or by setting the %response.CharSet property in theOnPreHTTP method. If this parameter is not specified, then for Unicode systems the default charset is utf-8 and for 8-bit systems it is the system default charset.
Specifies the default content type for the page. This can be overriden using the <CSP:CONTENT TYPE=> tag, or by setting the %response.ContentType property in theOnPreHTTP method. The default value if this parameter is not set is text/html.
If this page was compiled from a .csp file, then this parameter contains the filename used for compilation.
The CSPSTRICT parameter is set to 1, if the DOCTYPE indicates that this is a strict or frameset XHTML or HTML 4 page.
This parameter is used to make sure that if multiple CSP applications are mapped to the same namespace that the CSP engine can correctly identify which class corresponds with which URL. If 'LockCSPName' is true (the default, defined in the CSP application) then you can only access this page if the url exactly matches this 'CSPURL'. You can set this parameter to "" if you wish to disable this check for this class. This check is applied for all CSP urls (cls/csp/zen).
If this page was compiled from a .csp file, then this parameter is automatically set to contain the url of this file used for compilation.
The CSPXHTML parameter is set to 1, if the DOCTYPE indicates that this is an XHTML page.
The default domain for csp:text, span and div tags. This parameter is used to specify the subset of localized messages to be used on this page.
Controls how the query parameters for this page are passed, it can be set to one of the following:
- ENCODED=0 - Query parameters are not encrypted
- ENCODED=1 - Query parameters are encrypted and passed within CSPToken
- ENCODED=2 - Same as '1' except any unencrypted parameters are removed from the %request object before calling the
Page method. This ensures that only encrypted parameter are available in the%CSP.Request object.
Specify a custom error page to call if there are any problems with generating this page. If this is not specified it will use the default error page specified for this CSP application, and if this is not specified it will use the system default error page. For example this could be set to '/csp/samples/error.csp' to display the sample error page.
Specified the default value for the %response.Expires.
It can be set to one of the following values:
Note that setting this header also effects the 'Cache-Control' and 'Pragma' headers. If the page is set to expire immediately then it will send a 'Cache-Control: no-cache' and 'Pragma: no-cache' to prevent any caches from storing the page. If the page is set to never expires then it will not send any 'Cache-Control' or 'Pragma' headers. If you set an expires date then it will not modify the 'Cache-Control' or 'Pragma' headers so if they are set they will be sent as specified and if you did not set them then nothing will be sent for these headers.
- -1: Expire immediately, this is the default for a CSP page
- "": Never expire (no HTTP Expires header is sent)
- nnnnn: Number of seconds from now when the object should expire
- Thu, 29 Oct 1998 17:04:19 GMT: Absolute time at which the object should expire
- ddddd,sssss: Absolute time the object should expire in $ZTimeStamp format. Note that this must be specified in the GMT timezone
Specifies if we wish to turn off charset conversion for this page. Normally CSP uses the tables built into Cache to convert between different charset's, however if you do not have a charset available you may wish to turn this off to avoid getting the error page saying that this charset is not installed. Then the data will be output and read in using RAW mode. This can be overridden using the <CSP:CONTENT NOCHARSETCONVERT=1> tag, or by setting the %response.NoCharSetConvert property in theOnPreHTTP method.
If this parameter is true then we automatically record timing statistics of how long it takes to produce this page. It is off by default.
Controls the access to the page, it can be set to one of the following:
The user needs initially to enter the site through a PUBLIC page.
- PRIVATE=0 - Page can be linked to/bookmarked
- PRIVATE=1 - Can only be referenced from another CSP page
Used by the timing to decide how many slots a day should be divided up into. The default is to record the timings over half an hour (48 slots per day). If you need more detail you can modify this value in the superclass.
|
|
You pass this theurl of the page you are going to and aname andvalue parameter and it will return the name and value encrypted if the target page is encoded.
Decrypts the input string using the %session.Key value that is unique to this user session. The input string is the string provided by theEncrypt method, the output is the decoded string.
Encrypts the input string using the %session.Key value that is unique to this user session. The output string is a string that can be included in HTML and in URLs as it does not contain any characters that need to be escaped in these environments. It can be decrypted with theDecrypt .Note that the data must not contain any unicode characters as the encryption function just takes a byte stream. If you wish to encrypt unicode data then the simplest way is to form a $listbuild of the string first to convert it into a byte stream.
This method converts input HTML text into Escaped HTML text.
This method converts the in input URL string into Escaped URL string. Note that '/' is not escaped which is consistent with rfc3986
This method is deprecated since Java applet based hyperevents are no longer supported.This method returns the text that needs to be written to the current device during the generation of the <body> section in order to use #server()# style HyperEvents. If you only need to use the #call()# style HyperEvents then this is not required. See
HyperEventCall for details. This is not needed if you are using #server, #vbserver or #call calls from a .csp page as this is automatically inserted, it is only required when generating the class or the HyperEvent calls directly.
This method returns the string that needs to be written to the current device in order to insert a HyperEvent into a CSP page that is defined via a class. This method is the hand written class equivalent of using #call(...)#, #server(...)# or #vbserver(...)# in a CSP page.The methodName argument defines the method to call in the same format as #server: either ..method or package.class.method.
The args argument defines the runtime JavaScript arguments to be passed to the Cache method as a comma separated string.
The type argument is 0 if you wish to use a #server(...)# style HyperEvent (this is the default), 1 if you wish to use a #call(...) style HyperEvent. Note that if the argument is 0 then it will use double quotes for the JavaScript which is the behaviour of #vbserver in a csp page, this will work correctly in both JavaScript and VBScript but you need to be aware that it will quote its parameter with ".
In order to use this method,
HyperEventHead must be used in the <head> section and if you are using the #server style hyperevent then you also needHyperEventBody be used in the <body> section.An example of an OnPage method for your page using a #call(...)# style HyperEvent:
Write "<html>",! Write "<head>",! Write ..HyperEventHead(),! Write "</head>",! Write "<body>",! Write "My New CSP Page!",! Write "<form name=""f"">",! Write "<input type=""text"" name=""f1"" value=""fieldabc"">",! Write "<input type=""text"" name=""f2"" value=""fielddef"">",! Write "<input type=""button"" value=""Go"" onclick='" Write ..HyperEventCall("..MyMethod","self.document.f.f1.value,self.document.f.f2.value",1) Write ";'>",! Write "</form>",! Write ..HyperEventFrame(),! Write "</body>",! Write "</html>",! Quit $$$OK
This method is deprecated since iframe based hyperevents are no longer supported.This method returns the text that needs to be written to the current device just before the generation of the </BODY> section in order to use #call()# style HyperEvents. This is not needed if you are using #call calls from a .csp page as this is automatically inserted, it is only required when generating the class or the HyperEvent calls directly. Passing the argument strict=1 will create strict HTML 4 format of script tag.
This method returns the string that needs to be written to the current device during generation of the <head> section in order to use HyperEvents. SeeHyperEventCall for details. This is not needed if you are using #server, #vbserver or #call calls from a .csp page as this is automatically inserted, it is only required when generating the class or the HyperEvent calls directly. Passing the argument iframeOnly=1 will suppress loading Javascript to be used only for XMLHttpRequest. The iframeonly argument is now ignored since #call and #server now both use XMLHttpRequest. However, the iframeonly argument is kept for compatibility. Passing the argument strict=1 will create strict HTML 4 format of script tag.
Include another csp page or file in the output at this point. If the url ends in either 'csp' or 'cls' then it will call the csp or cls class to generate output skipping the output of the HTML headers. If the url is a file then it uses the stream server to output this file. This url can be a relative path in which case it will be resolved based on the current page url first. This is called by the <csp:include Page="page.csp"> tag.You can pass additional parameters to the included page by adding them to the url to call. These parameters will only exist for the included page and the %request object is restored when it returns to the calling page. For example:
<csp:include Page="page.csp?PARAM=VALUE">
Inserts a '<input type="hidden" name="Name" value="Value">' tag into the current document. If the target url you are submitting to (url ) is encoded then this will encrypt the data in this hidden link. In this way it is similar to theLink . Theextra are any extra attributes to add to the tag.For example:
<form action="target.csp"> #(..InsertHiddenField("target.csp","Name","Value"))# <input type=submit name=Submit> </form>
Return the string containing the hidden form tags. You pass it theurl URL of the target page that this form is submitted to (the action=xxx attribute).The array,
query , contains an optional set of name-value pairs which are also output as hidden input fields. This is normally called automatically directly after the <FORM> tag to insert any hidden input tags that are required. However if you generate a form programatically then you may need to call this function just after you output the <FORM> tag.
Returns 1 if this page is in fact a private page (seePRIVATE ).
Tranforms the link specified by link into a URL and returns it as a string.The URL may be encrypted.
The array, query, contains an optional set of name-value pairs which are added to the URL. For example 'Set query("name")="data"'
If the optional argument addQ is true, then a ? or &, as appropriate, is added to end of the URL
Event handler for PAGE event: this is invoked in order to send HTTP headers. The default action is to invoke the WriteHTTPHeader() of the%CSP.Response which generates HTTP 1.0 standard headers. Set OutputBody to 0 to prevent preventOnPage from being called, leave it unchanged otherwise. Returns a%Status code.
Event handler for PAGE event: this is invoked in order to generate the content of a csp page.
Event handler for any error that occurs on the page. If an error occurs and this method is defined it calls this method passing it the error code by reference. You may change the error code if wished, if you set it to $$$OK then it will cancel the error and the CSP error page will not be displayed.
Event handler for POSTPAGE event: this is invoked after the data for the CSP page has been sent to the browser from the Cache server.
Event handler which is invoked after a hyperevent method is called on this page.
Event handler for PreHTTP event: this is invoked before the HTTP headers for a CSP page have been sent. All changes to the%CSP.Response class, such as adding cookies, HTTP headers, setting the content type etc. must be made from within the OnPreHTTP() method. Also changes to the state of the CSP application such as changing %session.EndSession or %session.AppTimeout must be made within the OnPreHTTP() method. It is prefered that changes to %session.Preserve are also made in the OnPreHTTP() method as this is more efficient, although it is supported in any section of the page. Return 0 to preventOnPage from being called.
Event handler which is invoked before a hyperevent method is called on this page. This gives you a chance to modify the behavior of every hyperevent call within this page. Return an error code to prevent the hyperevent from being called.
Process a request to serve a CSPPage. This method is invoked by the Caché CSP Server. In turn, this method invokes:Note that
- OnPreHTTP()
- OnPage()
- OnPostHTTP()
OnPostHTTP() always gets run, even if there was an error.
skipheader will skip the running of the OnPreHTTP() method.
This method converts input string into quoted JavaScript literal
This method will rewrite a URL to use #url()# if needed
Display a%Status error code to the CSP Page.
Used to get performance information on your CSP pages. This is called to start the timing of a block of code. The name specifies the type of component we are timing, for example we automatically call this with 'Page' at the start and end of the rendering of the CSP page. The idea is that you can call this at the start and end of any block of code to log information on how long this is taking.This is a default implementation of what sort of information to log, however you can subclass this and
StopTimer to enhance the information that is logged.
Used to time performance information on your CSP pages. This is called to stop the timing of a block of code. The name specifies the type of component to time. SeeStartTimer for more information on this.
Passed a%Status code this goes to the error page passing this status code
This method converts Escaped HTML text into normal HTML text
This method converts the in Escaped URL string back to its original form.