Does anyone know of a Cache component for TIdHTTP? - delphi

I'm looking for a cache implementation for the Indy IdHTTP component that would be used for checking of a specific resource is already cached before doing the actual GET and returning the cached resource instead (if appropriate)?
If the component would be a derived class from TIdHTTP and handle the cache-features automatically it would be the easiest way for me, so I could just replace my existing IdHTTP objects with the new component.
Has anyone ever seen such a component for D2010?

I dont think there is a component to do that, but you can implement your own based on response header Cache-Control and Expires-Date (i am not sure if it is the corrent name). You should save the page on a file with the Expires date on it, so you can check if you already have the page on cache before make the request to the server. I guess it is what some proxies do, like Squid (of course not as simple as that).
Check this out: Caching in HTTP

Related

How to validate server certificate against list of CAs during HTTP request using Delphi + Indy

As far as I can tell, this is the process to create an HTTPS request using Indy:
Create a TIdHTTP object
Use a TIdSSLIOHandlerSocketOpenSSL object as its IOHandler
Set up this TIdSSLIOHandlerSocketOpenSSL object's SSLOptions and SSLContext to get the proper behaviour before starting the request
However, Indy's documentation is quite minimal as for the possible values for these two SSLOptions and SSLContext objects, even to achieve what seems to me to be pretty standard behaviour.
In particular, I would like to know how to do the following:
Validate the certificate against either (depending on what is more straightforward) :
The local system's trust store
A list of root certificates provided with the application
Drop the connection if the certificate has not been correctly validated.
It seems to me to be the most basic behaviour for an application that needs to call base once in a while: you want to make sure you're really speaking to your own back-end, but still leave you the possibility of changing CAs if you ever need it.
I guess the SSLContext's field rootCertFile should be used, however:
Nowhere is it said in what format the rootCertFile should be provided (pem? der? pkcs something?)
It is in no way obvious how one should process to configure several alternatives root certificates.
Can someone provide the method, and if possible, some sample code on how this behaviour can be achieved?

How can send ajax request from activex control/NPAPI and process its response?

Currently i have a wepage where I am sending a ajax request from javascript and in respose for that server is sending a video file which will be by default saved browser download location. I want the user to select download path each and every time for the file download(which can be achieved by changing browser settings which is not suited for me). So i want to include a activex object which can send ajax request and get its response. First I want to know whether is it possible, if yes is there any prototype/examples, or please let me know how it can be achieved.
It is possible; FireBreath has a mechanism called BrowserStreams that would probably work for what you're describing, but honestly I'd suggest against it. See if you can do what you need using an extension; Chrome is dropping support for NPAPI next year and even if they weren't I think it's a really bad idea to use a plugin for something like this.
Up to you, of course. There are examples for making HTTP GET and POST requests in the FBTestPlugin example in FireBreath.

How can I give the response file of a universal HTTP request a unique name?

I've developed an HTTP API Server (intended to be called by third-party applications, not necessarily by a web browser) which has one universal call to get (download) any and all types of files by passing a name parameter in the query string for the file requested. All calls, no matter for which file, are handled in the same custom request handler of mine called Get (not to be confused with the standard HTTP get). A query string includes a property name which identifies the unique file to get.
So a request may look like:
http://MyServerURL.com/Get?Key=SomeAPIKeyForAuthentication&Name=SomeUniqueIdentifier
First of all, I know I can obviously make the server fetch a file using only the URI, for example...
http://MyServerURL.com/SomeUniqueIdentifier?Key=SomeAPIKeyForAuthentication
...but the design is specifically meant to use this one universal get command, so I need to keep this unique identifier in the query string. The actual applications which connect to this API will never need to know this filename, but there may be an event when a URL is manually provided for someone to open in their browser to download a file.
However, whenever a file is downloaded through a web browser, since the call is get, the saved filename also winds up being just get.
Is there any trick in HTTP which I can implement on my server which will force the downloaded filename to be the unique identifier, rather than just get? For example, some method such as using re-direct?
I'm using Indy 10 TIdHTTPWebBrokerBridge in Delphi XE2 as the web server. I'm looking for a way in this component (technically in its corresponding TWebModule handler) when it handles this get request, to make the response's filename whatever string I want (in this case, SomeUniqueIdentifier). I've heard the term "URL Re-writing" but that's a rather different topic, and don't think it's what I need, yet it might.
That seems to a rather long winded way of saying you want to set the filename for an HTTP download indpendently of the URL used to fetch it. In which case you simply send a Content-Dispositon header specifying the desired filename. See section 19.5.1 of rfc 2616
e.g.
Content-Disposition: attachment; filename="stackoverlow.ans"

Getting Cookie from TWebBrowser

Trying to download a file using indy,(post to asp save the excel response) but running into errors, using wireshark the request is missing cookies.
Trying to grab the cookie out of a Twebbrowser window and save it.
procedure TForm1.WebBrowser1DownloadComplete(Sender: TObject);
var
document: IHTMLDocument2;
cookies:tstringlist;
begin
cookies:=tstringlist.Create;
document := WebBrowser1.Document as IHTMLDocument2;
cookies.Add(document.cookie);
//do stuff with them
end;
returns nothing, whats the best way to extract a cookie(or 2) out of twebbrowser, or is there something better i'm missing?
TWebBrowser is a wrapper around Internet Explorer, which itself is a wrapper around WinInet. Indy does not share cookies with IE/WinInet, so you have to copy the cookie details manually into Indy's TIdCookieManager component. However, the IHTMLDocument2.cookie property is just a delimited string of name=value pairs (if it returns anything at all, due to security restrictions), which does not contain enough information for Indy's use, such as a cookie's source URL and target domain/path, so you have to get that information from somewhere else, such as by parsing IE's cookie files that are stored in Windows' Cookies folder.
Because of a history with malware (ab)using JavaScript and the document.cookie property, web-servers may request on the HTTP level that the cookie only be returned over HTTP and not be available over JavaScript.
https://www.owasp.org/index.php/HTTPOnly
I'm not sure this is the case in your instance, but you mention you use Indy to fetch a file. If you put the data from it into WebBrowser1 yourself, it would make sense the cookie data is not copied along, since it is a property of the HTTP transaction. See the Indy documentation about cookies:
http://www.indyproject.org/docsite/html/TIdHTTP_CookieManager.html

What does Indy's HandleRedirect do?

I'm having some trouble reading files with Indy from a site that has WordPress installed.
It appears that the site is configured to redirect all hits to sitename/com/wordpress.
Can I use HandleRedirect to turn that off so I can read files from the root folder?
What is the normal setting for this property? Any downsides to using it for this purpose?
(Edit: it appears that my problem may be caused by Windows cacheing of a file I've accessed before through Indy. I'm using fIDHTTP.Request.CacheControl := 'no-cache'; is that adequate?
When the server sends a 3xx result for a request, the HandleRedirects property controls whether Indy will immediately turn around and issue a new request using the new location. The alternative is that Indy will return the response code to your program. You're welcome to handle it yourself with the OnRedirect event, but if the server bothers to send anything in addition to the response code, it's unlikely to be of much use to your program. It's not as though there are hidden files that the redirection is preventing you from downloading. Set the property to true and let Indy take care of the redirection for you.
It's probably not the case that Windows is caching anything for your program. Indy doesn't use the OS cache. The Cache-Control header is an instruction to a proxy or the so-called origin server that it should not satisfy your request using a cached response without validating it with the origin server. Maybe WordPress has a cache of its own that you're by-passing.

Resources