Product

Debug on the server with scalable web sessions

Automatically translated from English

Scalable web sessions were a significant improvement brought by 4D v18 R6. They allow you to use 4D tags, 4D actions, and REST API in preemptive processes, even in interpreted mode, on a 4D server. However, to debug such programs, you needed to open your development environment on the server to make it switch to cooperative mode, as the debugger window cannot be opened with preemptive processes. This way, until v19 R2, you could debug REST, 4D actions, or 4D tags. From v19 R3, all of this has become much easier, and you can debug on the server-side simply by attaching the debugger to it, as usual.

Product

Get ready for the new SameSite and Secure attributes for cookies

Automatically translated from English

Cookies’ abilities have grown and evolved over the years, but they have left some legacy issues. To handle this, browsers (including Safari, Chrome, Firefox, and Edge) are changing their behavior regarding the SameSite and Secure attributes for a secure-by-default model for cookies.

As a 4D web developer, you may be concerned about the 4D web sessions session cookie if you want to prevent your application from Cross-site request forgery.

To prevent your web session cookie from circulating on the web pointlessly or being misunderstood by browsers because of a default value applied, you should ask if it is:

  • a third-party cookie: associated with a domain name different from that of the page where the cookie is encountered. A third-party cookie is placed by a page object (e.g. an ad) originating from a domain other than the one hosting the page

or

  • a first-party cookie: associated with the domain of the page

 

Depending on your use case, you should choose the appropriate value for the SameSite attribute of your web session cookie.

To reinforce security, the Secure attribute must be set for the web session cookie when the connection is secured (HTTPS) to indicate to the browser that the cookie can be sent safely.

Keep reading to learn how 4D has your back to improve privacy and security across the web.

Tips

A better understanding of 4D REST sessions

Automatically translated from English

In a previous blog post, we showed you how to get started with the 4D REST server. We walked you through different CRUD operations using Postman and pointed you to the full REST documentation. In this blog post, We’ll explain how sessions work in 4D. This understanding will ensure that you’ll be able to build a session-based authentication system using the 4D REST server.