08-31-2023, 12:25 PM
I have to check the IP from the client before allowing access to a page.
I test this in TContentForm.OnBeforeExecute and would like to return 403 Forbidden
Result is the exception 'Reply type already set.'
Using IW 15.3.12
I test this in TContentForm.OnBeforeExecute and would like to return 403 Forbidden
Result is the exception 'Reply type already set.'
Code:
procedure TIWServerController.IWServerControllerBaseConfig(Sender: TObject);
var ContentHandler: TContentBase;
begin
ContentHandler := TContentForm.Create('TDlgExternDisplay');
ContentHandler.FileMustExist := False;
ContentHandler.CanStartSession := True;
ContentHandler.OnBeforeExecute := CheckAccessProfile;
THandlers.Add('/externdisplay', ContentHandler);
end;
procedure TIWServerController.CheckAccessProfile(Sender: TObject; var AContinue: Boolean);
var RemoteAddr: string;
begin
RemoteAddr := WebApplication.Request.RemoteAddr;
if True
then begin
AContinue := False;
// mark session for cleanup
TerminateSession(WebApplication, 403, 'Forbidden');
end;
end;
procedure TIWServerController.TerminateSession(ASession: TIWApplication; AHttpCode: integer; AHttpCodeText: string);
begin
ASession.Response.Code := AHttpCode;
ASession.Response.CodeText := AHttpCodeText;
ASession.Terminate(AHttpCode.ToString + #32 + AHttpCodeText);
end;
Using IW 15.3.12