We have several ISAPI IW apps (15.2) that we link by each calling the others using TerminateAndRedirect.
This has worked great. Now we find Bad actors try to scrape our application and we have added an encrypted time string parameter will now pass when each app calls the other apps.
we decode and check the time string in the server controller's IWServerControllerBaseNewSession event.
If not checkTS(asession) then
begin
Asession.terminate;
exit;
end;
ASession.Data := TIWUserSession.Create(nil, ASession);
The result of this change is we find iwcache folders are not being cleaned up.
We are also seeing Reply is already set errors.
If we use IWServerControllerBaseBeforeNewSession, how do we send back an dynamic HTLM response as the function does not provide a response object only a request object
This has worked great. Now we find Bad actors try to scrape our application and we have added an encrypted time string parameter will now pass when each app calls the other apps.
we decode and check the time string in the server controller's IWServerControllerBaseNewSession event.
If not checkTS(asession) then
begin
Asession.terminate;
exit;
end;
ASession.Data := TIWUserSession.Create(nil, ASession);
The result of this change is we find iwcache folders are not being cleaned up.
We are also seeing Reply is already set errors.
If we use IWServerControllerBaseBeforeNewSession, how do we send back an dynamic HTLM response as the function does not provide a response object only a request object
