Generating a response – Apple WebObjects 3.5 User Manual

Page 53

Advertising
background image

Request-Handling Methods

53

following action method, the “CreditCard” component sets the

verified

session variable to YES when the user has supplied valid credit information
and returns the user to the original request page to try again.

- verifyUser {

if ([self isValidCredit]) {

[[self session] setVerified:YES];
return [[self application] pageWithName:nameOfNextPage];

}
return nil;

}

Limitations on Direct Requests

Users can access any page in an application without invoking an action. All
they need to do is type in the appropriate URL. For example, you can
access the second page of HelloWorld without invoking the

sayHello

action by

opening this URL:

http://serverhost/cgi-bin/WebObjects/Examples/HelloWorld.woa/-/Hello.wo/

When a WebObjects application receives such a request, it bypasses the
user-input (

takeValuesFromRequest:inContext:

) and action-invocation

(

invokeActionForRequest:inContext:

) phases because there is no user input to store

and no action to invoke. As a result, the object representing the requested
page—Hello in this case—generates the response.

By implementing security mechanisms in

invokeActionForRequest:inContext:

, you

can prevent users from accessing pages without authorization, but only if
those pages are not directly requested in URLs. To prevent users from
directly accessing pages in URLs, you must implement another strategy.

Generating a Response

The

appendToResponse:inContext:

method is invoked in the final phase of the

request-response loop, during which the application generates HTML for
the response page. You can override this method to add to the response
content or otherwise manipulate the HTTP response. For example, you
can add or modify the HTTP headers as in the following example:

- appendToResponse:aResponse inContext:aContext
{

[super appendToResponse:aResponse inContext:aContext];
[aResponse setHeader:@"True"

forKey:@"dshttpd-NoAutomaticFooter"];

}

In a similar manner, you can use

appendToResponse:inContext:

to add text to the

response content. In the following example, a component’s

Advertising
Popular Brands
Popular manuals