Product

Get ready for the new SameSite and Secure attributes for cookies

Automatically translated from English

Cookies’ abilities have grown and evolved over the years, but they have left some legacy issues. To handle this, browsers (including Safari, Chrome, Firefox, and Edge) are changing their behavior regarding the SameSite and Secure attributes for a secure-by-default model for cookies.

As a 4D web developer, you may be concerned about the 4D web sessions session cookie if you want to prevent your application from Cross-site request forgery.

To prevent your web session cookie from circulating on the web pointlessly or being misunderstood by browsers because of a default value applied, you should ask if it is:

  • a third-party cookie: associated with a domain name different from that of the page where the cookie is encountered. A third-party cookie is placed by a page object (e.g. an ad) originating from a domain other than the one hosting the page

or

  • a first-party cookie: associated with the domain of the page

 

Depending on your use case, you should choose the appropriate value for the SameSite attribute of your web session cookie.

To reinforce security, the Secure attribute must be set for the web session cookie when the connection is secured (HTTPS) to indicate to the browser that the cookie can be sent safely.

Keep reading to learn how 4D has your back to improve privacy and security across the web.

Product

4D Data Explorer in Action

Automatically translated from English

Even though the 4D Data Explorer is still in Preview version (there are certainly more features to come in the next versions), we thought we’d show you the product in action and let you discover its capabilities.

This is a web browser interface usable by the administrator as well as the developer, remotely (in a secure way with an HTTPS connection) or locally on the same machine as your opened database.

Need to check your data during development? Need to find data that could cause bugs? The Data Explorer, with its powerful query engine and intuitive web interface, is made for you!

Let’s watch the video:

Product

Support of Cross-Origin Resource Sharing (CORS)

Automatically translated from English

Have you ever created an HTTP data request only to get hit by a red “access to HTML request has been blocked by cors policy” error?

When your site is on the same domain as the web service server, there’s no problem. However, this isn’t the case when performing a cross-origin request. Access is denied due to browser security preventing HTTP requests to another domain. The result? A CORS policy error.

To help you explicitly allow certain cross-origin requests on your server, 4D now supports the CORS protocol. Accessing data with cross-origin requests just became easier!

Product

Multiple web servers in a single 4D instance

Automatically translated from English

Have you ever needed to use multiple web servers in order to, for example, split your web application code into several business units, or separate the administrator’s web server from the user’s or run an old part, not preemptive-ready yet, in a separate instance, allowing the main part to run preemptive?

If you’re nodding your head yes, then keep reading because 4D v18 R3 allows you to do so … with ease.

Tips

A better understanding of 4D REST sessions

Automatically translated from English

In a previous blog post, we showed you how to get started with the 4D REST server. We walked you through different CRUD operations using Postman and pointed you to the full REST documentation. In this blog post, We’ll explain how sessions work in 4D. This understanding will ensure that you’ll be able to build a session-based authentication system using the 4D REST server.

Tips

Web Scraping using object notation

Automatically translated from English

Want to retrieve data that isn’t available via REST or Web Services? What if it’s only available on a website? The data is easy enough for a human to read, but reading HTML data with a programming language isn’t so simple. Some developers try to use Position and Substring, others try Regex, but it’s unpleasant and time-consuming. A very different approach is to convert the HTML into an object and get the data via object notation. Table rows are handled as collections and are easy to loop through!

This blog post describes how to use this approach and provides some handy tips.

Tips

Test the powerful 4D REST server with Postman

Automatically translated from English

4D provides a powerful REST server that enables direct access to data stored in your 4D databases. This makes it possible, for example, to build an API to use with a modern front-end technology (e.g., Angular, React, etc.). In this blog post, we’ll provide the first introduction to the 4D robust REST server. You’ll see how to configure it and test the create, retrieve, update, and delete (CRUD) operations using the API testing tool, Postman.

Product

More information about web processes

Automatically translated from English

You asked for more information about web processes to better identify requests that might be slowing down or blocking your server. We heard you and in 4D v17 R5, we’ve added information about the URL used by web processes. This information can be retrieved two ways: via the 4D Server Administration Window or via the 4D language with the Get process activity command.