| Welcome, Guest |
You have to register before you can post on our site.
|
| Online Users |
There are currently 493 online users. » 0 Member(s) | 489 Guest(s) Applebot, Bing, Google, Yandex
|
| Latest Threads |
Need Help Integrating Mic...
Forum: IntraWeb General Discussion
Last Post: capheny
07-07-2026, 06:43 AM
» Replies: 0
» Views: 37
|
OpenSSL and concurrent re...
Forum: Indy
Last Post: kbriggs
07-05-2026, 02:41 PM
» Replies: 5
» Views: 174
|
Projeto Intraweb
Forum: IntraWeb General Discussion
Last Post: vonirpereira
07-03-2026, 06:51 PM
» Replies: 0
» Views: 99
|
Intraweb + Lazarus
Forum: IntraWeb Dúvidas Gerais
Last Post: vonirpereira
07-03-2026, 06:35 PM
» Replies: 0
» Views: 56
|
Image question on tiwjqdb...
Forum: IntraWeb General Discussion
Last Post: alex.trejo@tttnet.com.mx
07-01-2026, 12:19 AM
» Replies: 4
» Views: 4,285
|
TIWjQDBGrid erratic behav...
Forum: IntraWeb General Discussion
Last Post: alex.trejo@tttnet.com.mx
07-01-2026, 12:04 AM
» Replies: 4
» Views: 645
|
CSS file not reloading af...
Forum: IntraWeb General Discussion
Last Post: Gustave
06-30-2026, 09:00 PM
» Replies: 0
» Views: 112
|
IW 16.2.0 Missing librari...
Forum: IntraWeb General Discussion
Last Post: Gregory_Twedt
06-24-2026, 04:40 AM
» Replies: 5
» Views: 812
|
VCL conversion
Forum: Delphi General Discussion
Last Post: tobenschain
06-20-2026, 05:00 AM
» Replies: 0
» Views: 149
|
TIWjQDBGrid changing UI
Forum: IntraWeb General Discussion
Last Post: BoostedCruiser
06-08-2026, 02:02 AM
» Replies: 36
» Views: 71,000
|
|
|
| How to generate a more unique cookie |
|
Posted by: ALW2019 - 11-21-2019, 06:07 PM - Forum: IntraWeb General Discussion
- Replies (3)
|
 |
Running IntraWeb 14.2.8 with Delphi 10.1.
We have the requirement to destroy the original cookie that was generated prior to authentication, and generate a new cookie after authentication. The genrated post-authentication cookie is different, however the difference is negligible, only the last character is changed (for example from ‘3’ to ‘8’). Each new cookie should be randomly generated so that values cannot be predicted.
In ServerController, CookieOptions are HttpOnly(true), SessionCookies(true) and UseCookies(true).
Is there a way in IntraWeb 14.2.8 to adjust the method used, to generate a more secure/unique cookie after authentication?
Thank you.
|
|
|
| Event to authorize access to IW forms |
|
Posted by: cprmlao@hotmail.com - 11-20-2019, 11:14 PM - Forum: IntraWeb General Discussion
- Replies (8)
|
 |
Hi,
I have many forms in my project.
I have created a table to put the rights of each user.
Some users only can access some forms.
What would be the better event to check if a user is authorized to load and see the form?
I´d like to show a dialog message in that event if the user is not authorized.
I think is a a event in servercontroller. But, what? and How to send a async message to browse saying the user is not authorized? Is possible to send a message from servercontroller and not from a form?
I will appreciate some others ideas about it
Regards ,
Luiz
|
|
|
| Impossible to break SSL request w/o AV |
|
Posted by: evgenyk - 11-19-2019, 02:20 PM - Forum: Indy
- Replies (1)
|
 |
Hi,
How to correctly break SSL request that is launched in background thread ?
nowadays I have situation when TIdSSLSocket is destroyed after calling Disconnect:
Quote:IdSSLOpenSSL.TIdSSLSocket.Destroy
System.TObject.Free
IdSSLOpenSSL.TIdSSLIOHandlerSocketOpenSSL.Close
IdTCPConnection.TIdTCPConnection.Disconnect(???)
IdTCPConnection.TIdTCPConnection.Disconnect
but TIdSSLSocket.Send is still executed and I have AV because fSSL is nil:
Code: function TIdSSLSocket.Send(const ABuffer: TIdBytes; AOffset, ALength: Integer): Integer;
var
ret, err: Integer;
begin
Result := 0;
repeat
ret := SSL_write(fSSL, @ABuffer[AOffset], ALength); //<<<< AV
call-stack for this is
Quote:IdSSLOpenSSL.TIdSSLSocket.Send(...)
IdSSLOpenSSL.TIdSSLIOHandlerSocketOpenSSL.SendEnc(???,???,224)
IdSSL.TIdSSLIOHandlerSocketBase.WriteDataToTarget(???,???,224)
IdIOHandler.TIdIOHandler.WriteDirect(...)
IdIOHandler.TIdIOHandler.WriteBufferFlush(???)
IdIOHandler.TIdIOHandler.WriteBufferFlush
IdIOHandler.TIdIOHandler.WriteBufferClose
IdHTTP.TIdHTTPProtocol.BuildAndSendRequest(???)
IdHTTP.TIdCustomHTTP.ConnectToHost($7EA93560,???)
IdHTTP.TIdCustomHTTP.DoRequest(???,'https://.....',$7E91CBF0,$7E9B7AA0,(...))
IdHTTP.TIdCustomHTTP.Post('https://......',$8663B0,$7E9B7AA0)
as a workaround, I can suggest to add checking like if fSSL = nil then Break; in the beginning of loop
|
|
|
| Mixing of usersessions? |
|
Posted by: etwoss - 11-16-2019, 08:51 AM - Forum: IntraWeb General Discussion
- Replies (4)
|
 |
Hi
I use a datamodule pool with my program. Each user can have a different db to look at. The usersession holds the path to that database,
Now i adjusted the Lock and Unlock :
Code: function LockDataModule: TDtmMain;
begin
Result := TDtmMain(TIWServerController(GServerController).Pool.Lock);
if Result.IBDatabase.Connected then
begin
if Result.IBTransaction.InTransaction then
Result.IBTransaction.Rollback;
Result.IBDatabase.Connected := False;
end;
Result.IBDatabase.DatabaseName := UserSession.DbPad;
Result.IBDatabase.Open;
end;
And
Code: procedure UnlockDataModule(ADataModule: TDtmMain);
var
LTemp: TDataModule;
begin
LTemp := ADataModule;
if TDtmMain(LTemp).IBTransaction.InTransaction then
TDtmMain(LTemp).IBTransaction.Rollback;
TDtmMain(LTemp).IBDatabase.CloseDataSets;
TDtmMain(LTemp).IBDatabase.Close;
TDtmMain(ADataModule).IBDatabase.DatabaseName := '';
TIWServerController(GServerController).Pool.Unlock(LTemp);
end;
However, once in every 4-6 months we have a customer showing me data from another customers db! Which is ofcourse not what i want.
After loggin out/in the users gets the correct database info.
It's all about the line
Code: Result.IBDatabase.DatabaseName := UserSession.DbPad;
Which should work properly , if it choses someone else its usersession, this goes wrong.
Any idea what could go wrong ???
Eric
|
|
|
| E-Mail Validate?? |
|
Posted by: ShaneStump - 11-15-2019, 07:21 PM - Forum: IntraWeb General Discussion
- Replies (5)
|
 |
Howdy All!
I have an e-mail regexp that I have been using that validates most e-mail addresses.
I have tried it (and many others I have seen in stackoverflow) and none of them validate a test e-mail account I have been given by Viator. I have tried some of the online validators and they work!
So my question is does anyone have a C++ or Delphi regexp that can validate the following e-mail account and return True.
MSG-8b17fa92-7b35-4fdb-9f18-f8a69252e019+BR-999999999@expmessaging.tripadvisor.com
Thanks in advance,
Shane
|
|
|
| IW unable to server static files in folder |
|
Posted by: cprmlao@hotmail.com - 11-15-2019, 01:53 PM - Forum: IntraWeb General Discussion
- Replies (9)
|
 |
Hi I am trying create a valid SSL certificate withn zeroSSL.
To validate the CSR I choice HTTP option and zeroSSL saids I have to put some files in "{wwwroot}.well-known/acme-challenge/" folder
I am having a problem where IW is unable to server static files when I create ".well-known/acme-challenge/" into wwwroot.
IW returns an error of "Resource not found".
It seems IW has a problem com "hyphen". I was searching in the google, I can see "hyphen" is a legal char in a URL and doesn´t needs to encode it.
But if I encode it, I also have the same problem.
Code: 127.0.0.1/.well-known/acme-challenge/teste.txt // here I get resource not found
I did a test changing the names folder to the next, and it works
Code: 127.0.0.1/.well-known/acme_challenge/teste.txt // here it works
But I need to use:
Code: 127.0.0.1/.well-known/acme-challenge/teste.txt
I have tried to change hyphen with "%2D" but no look.
How could I fix it?
Is it a IW bug?
Regards, Luiz
|
|
|
| TIdTelnet Disconnect |
|
Posted by: omarreis - 11-15-2019, 01:03 PM - Forum: Indy
- Replies (4)
|
 |
I'm using telnet client in my app, to access streaming market data.
It works ok for Windows and iOS, but on Android the app hangs
for several seconds when telnet.Disconnect is called. So much that
Android detects the app is stalled and terminates it.
I understand that Connect and Disconnect can block the
execution, so they are not to be called from the UI thread.
But why Disconnect takes so long ?
One guy suggested on stackoverflow that the reader thread
was locked or not finishing, and that blocked the Disconnect call.
So I tried to create a thread dedicated to disconnect.
It seems to work
Code: procedure TForm1.ThreadedTelnetDisconnect;
var aThreadDisconnect:TThread;
begin
aThreadDisconnect := TThread.CreateAnonymousThread(
procedure begin
IdTelnet1.Disconnect;
end);
aThreadDisconnect.start();
end;
|
|
|
|