In a web server context, DWScript provides the WebRequest and WebResponse objects to handle HTTP interaction, and HttpQuery for making outbound requests.
Information about the incoming client request.
| Member | Description |
|---|---|
Method |
HTTP verb (GET, POST, etc). |
URL / FullURL |
The requested URL. |
RemoteIP |
Client's IP address. |
UserAgent |
Client's browser agent string. |
QueryField[name] |
Accesses GET parameters. |
ContentField[name] |
Accesses POST parameters (Form data). |
Cookie[name] |
Accesses cookies sent by client. |
Header[name] |
Accesses arbitrary HTTP headers. |
ContentType |
MIME type of the request content. |
ContentData |
Raw POST data. |
Control the response sent back to the client.
| Member | Description |
|---|---|
StatusCode |
HTTP status code (e.g. 200, 404, 301). |
ContentType |
MIME type of response (e.g. 'application/json'). |
ContentEncoding |
Encoding of the content (e.g. 'gzip'). |
ContentData |
Sets the raw response body. |
ContentText[type] |
Sets content type and text body. |
Header[name] |
Sets a response header. |
Compression |
Enables or disables automatic compression. |
SetCookie(name, val [, expires]) |
Sends a cookie to the client. |
SetCookie(name, val, expires, path, ...) |
Sends a cookie with advanced options (domain, flags, sameSite). |
SetStatusRedirect(code, url) |
Issues an HTTP redirect. |
SetStatusPlainText(code, text) |
Sets status code and text content. |
SetStatusJSON(code, json) |
Sets status code and JSON content. |
SetContentJSON(j) |
Sends a JSON object as the response. |
SetContentFile(fileName [, type]) |
Sends a file as the response. |
SetETag(etag) |
Sets the ETag header for caching. |
SetCacheControl(control) |
Sets the Cache-Control header. |
SetLastModified(date) |
Sets the Last-Modified header. |
RequestAuthentication(authType) |
Triggers an authentication challenge (e.g. WebAuthentication.Basic). |
The advanced SetCookie overload uses a numeric bitmask for flags and an enum for SameSite.
| Value | Flag | When to Use |
|---|---|---|
1 |
Secure |
Always when site uses HTTPS |
2 |
HttpOnly |
Always for session cookies (prevents XSS) |
| SameSite | Value | Description |
|---|---|---|
Strict |
1 |
Maximum security, no cross-site requests |
Lax |
2 |
Balanced, allows top-level navigations |
Example:
// HttpOnly (2) + Secure (1) = 3
WebResponse.SetCookie('auth', token, expires, '/', '', 3, WebCookieSameSite.Strict);Support for Server-Sent Events (SSE) to push updates to the client.
| Method | Description |
|---|---|
WebServerSentEvents.PostRaw(source, data) |
Posts a raw message to the event stream source. |
WebServerSentEvents.Close(source) |
Closes the event stream source. |
WebServerSentEvents.Connections(source) |
Returns an array of active connection IDs for source. |
WebServerSentEvents.SourceNames |
Returns an array of active event source names. |
Helper class to construct formatted SSE messages.
| Member | Description |
|---|---|
ID, Name |
Event ID and Event Name. |
Data |
Array of data strings (lines). |
Retry |
Retry interval in milliseconds. |
Post(source) |
Sends the constructed event to source. |
Used to make HTTP requests from the server to other web services.
| Method | Description |
|---|---|
GetText(url, var data) |
Performs a GET request. Returns status code. |
PostData(url, data, type, var reply) |
Performs a POST request. |
Request(method, url, data, type) |
Performs an arbitrary request and returns an HttpRequest. |
The WebServer object allows controlling global server settings, such as URL rewriting.
| Member | Description |
|---|---|
SetURLRewriteRulesJSON(json) |
Configures URL rewriting rules using a JSON string. |
GetURLRewriteRules() |
Returns the current rewrite rules as a JSON string. |
You can define rules to transparently rewrite incoming URLs. This is typically done in the server startup script (.startup.pas).
Rule Format (JSON):
The configuration is an array of rule objects:
pattern: The URL pattern to match. Supports * as a wildcard (matches until the next separator in the pattern).rewrite: The target URL. Supports $1, $2, ... placeholders corresponding to the * wildcards.Example:
WebServer.SetURLRewriteRulesJSON(#'[
{ "pattern": "/doc/*", "rewrite": "/doc.dws?id=$1" },
{ "pattern": "/example/*", "rewrite": "/examples/view.dws?example=$1" },
{ "pattern": "/ref/*", "rewrite": "/ref/index.dws?id=$1" }
]');var data : String;
var status := HttpQuery.GetText('https://api.example.com/status', data);
if status = 200 then
PrintLn('Response: ' + data);