Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
ServerController.OnBeforeNewSession
#1
I'm trying this method out before using it in a live setting.  The result of the code below is a blank screen.  Is there some way to return text, or an error message?



Code:
procedure TIWServerController.IWServerControllerBaseBeforeNewSession(const aUrlPath: string; aRequest: THttpRequest; out vCanCreate: Boolean);
begin
  vCanCreate := false;
end;
Reply
#2
(04-07-2018, 06:52 PM)DanielFields Wrote: I'm trying this method out before using it in a live setting.  The result of the code below is a blank screen.  Is there some way to return text, or an error message?



Code:
procedure TIWServerController.IWServerControllerBaseBeforeNewSession(const aUrlPath: string; aRequest: THttpRequest; out vCanCreate: Boolean);
begin
  vCanCreate := false;
end;

Hi Daniel,

I think you are trying to use this event to actually block some user from starting a session and, at the same time, provide some feedback, right? I have to give it a thought. When you don't allow a session creation IW will return HTTP status code 404, not 200.
In order to provide a page containing error information you would have to have full access to a response object. Not sure if it is possible without a few changes....
Reply
#3
I'd be happy with just the response code and text, not the full Response object. Not hugely important, but it would be nice to have.
Reply
#4
what if you "redirect" the user to a specific HTML response page ?
you can create it on-the-fly with a desired content (with what you want to tell the user).
Reply
#5
(04-13-2018, 03:52 PM)EitanArbel Wrote: what if you "redirect" the user to a specific HTML response page ?
you can create it on-the-fly with a desired content (with what you want to tell the user).

When Daniel posted I tried to look into some of that as well.  He didn't say, but I assume he is trying to decrease the weight of his inbound filters to avoid creating a session at all, instead of killing the session when found to be unnecessary.  Good plan.

When I started digging around in the existing redirect code (what I found in a quick look anyway), it lived in the session object... which won't be there.  I poked on it anyway and, as expected, it failed.  There may be other options I don't know about.  Most likely Daniel already tried those things but I thought I might accidentally learn something by looking.

Dan
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)