NetCOBOL for SPARC Architecture SAF Subroutines User's Guide

More documents

Recommendations

Info

40 Chapter 3. How to Use SAF Subroutines CALL "COBW3_SET_REPEAT_NX" USING COBW3. CALL "COBW3_SET_REPEAT_XN" USING COBW3. CALL "COBW3_SET_REPEAT_NN" USING COBW3. COBW3 Data for Calls: • COBW3-CNV-NAME and COBW3-CNV-NAME-N Set a conversion name used for conversion. Set it in COBW3-CNV-NAME when COBW3_SET_REPEAT, COBW3_SET_REPEAT_XX or COBW3_SET_REPEAT_XN is used. • • • Set it in COBW3-CNV-NAME-N when COBW3_SET_REPEAT_NX or COBW3_SET_REPEAT_NN is used. COBW3-CNV-NAME-LENGTH [Optional] Set the character length of a conversion name with a valid space at the end to the number of bytes including the space. Value Meaning 0 The length up to the last character, excluding the space, is checked. However, the character length is regarded as 0 if COBW3-CNV-NAME or COBW3-CNV- NAME-N is filled with spaces only. 1 to 30 Character strings of the specified character length are searched for COBW3-CNV-VALUE and COBW3-CNV-VALUE-N Set a conversion result (conversion character string). Set it in COBW3-CNV-VALUE when COBW3_SET_REPEAT, COBW3_SET_REPEAT_XX or COBW3_SET_REPEAT_NX is used. Set it in COBW3-CNV-VALUE-N when COBW3_SET_REPEAT_XN or COBW3_SET_REPEAT_NN is used. COBW3-CNV-VALUE-LENGTH [Optional] Set the character length of a conversion character string with a valid space at the end to the number of bytes including the space. Value Meaning 0 The length to the last character, excluding the space, is registered. However, the character length is regarded as 0 if COBW3-CNV-VALUE or COBW3-CNV- VALUE-N is filled with spaces only. 1 to 1024 Character strings of the specified character length are searched for. Specify a space as the conversion character string, 0 as the conversion character string, and register the repetitive conversion data, if it is necessary to specify a space as the conversion result.
• COBW3_SANITIZE_CNV [Optional] Chapter 3. How to Use SAF Subroutines 41 If characters that are vulnerable to a cross site scripting attack are found in conversion data, those characters are automatically replaced. This process is referred to as “sanitizing”. For more details on cross site scripting, refer to Appendix P, Security, in the NetCOBOL User’s Guide. COBW3_SANITIZE_CNV is valid when either COBW3_SET_REPEAT_XX or COBW3_SET_ REPEAT_NX is used. However, if the code set is Unicode, COBW3_SANITIZE_CNV is also valid when COBW3_SET_ REPEAT_XN or COBW3_SET_ REPEAT_NN is used. Condition name Value Explanation COBW3-SANITIZE-CNV-OFF LOW-VALUE Does not sanitize. COBW3-SANITIZE-CNV-ON "1" Sanitize. NOTE: The sanitization procedure replaces the five characters that are vulnerable to a cross site scripting attack (&, , “, ‘) with the following escape characters: & → & < → < > → > " → " ' → ' As a result, a single character is being replaced with 4-6 characters, increasing the length of the sanitized data. This means that, depending on the content of the unsanitized data, sanitizing data may cause the maximum data length (1024 bytes) set in the Web parameter VALUE to be exceeded. If this happens, the sanitized data is truncated automatically at 1024 bytes. It is also possible that the escape characters themselves may be truncated. In this case, the vulnerable character is deleted, not replaced. An example is given below. Example: The unsanitized data area is 1021 bytes long. The first 1020 bytes contain n characters that do not require sanitizing, but the last character is an ampersand ( & ). xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&
Page 1 and 2: SAF Subroutines User’s Guide
Page 3 and 4: Preface This manual explains how to
Page 5 and 6: Contents Chapter 1. NetCOBOL SAF Su
Page 7 and 8: Chapter 1. NetCOBOL SAF Subroutines
Page 9 and 10: Chapter 2. Creating Web Application
Page 11 and 12: WORKING-STORAGE SECTION. COPY COBW3
Page 13 and 14: • • • • • Chapter 2. Crea
Page 15 and 16: Chapter 3. How to Use SAF Subroutin
Page 17 and 18: • In the Unicode environment, use
Page 19 and 20: Web page for invoking the applicati
Page 21 and 22: Session Management Functions Chapte
Page 23 and 24: SAF Subroutines Interface Chapter 3
Page 25 and 26: Condition-name Value Meaning Chapte
Page 27 and 28: • • Chapter 3. How to Use SAF S
Page 31 and 32: Application example: [a.htm (Web pa
Page 33 and 34: [COBOL program] Chapter 3. How to U
Page 35 and 36: CALL "COBW3_SET_CNV_NN" USING COBW3
Page 39: Chapter 3. How to Use SAF Subroutin
Page 43 and 44: Format: CALL "COBW3_DEL_REPEAT" USI
Page 45 and 46: Application example: [COBOL program
Page 47 and 48: Condition-name Value Meaning COBW3-
Page 49 and 50: Manipulate Cookie Data Chapter 3. H
Page 51 and 52: - COBW3-COOKIE-EXPIRES-HOUR (Hours)
Page 53 and 54: Process result data: None COBW3_INI
Page 55 and 56: Process Result Data: • COBW3-SEAR
Page 57 and 58: • • • • Chapter 3. How to U
Page 59 and 60: Value Meaning Chapter 3. How to Use
Page 61 and 62: COBW3_END_SESSION Chapter 3. How to
Page 63 and 64: COBW3_ALTER_SESSION_TIMEOUT Chapter
Page 67 and 68: Data Length Restrictions of SAF Sub
Page 69 and 70: Chapter 4. Generating and Executing
Page 71 and 72: NES Settings Chapter 4. Generating
Page 73 and 74: MIME Type Setup Chapter 4. Generati
Page 75 and 76: Chapter 4. Generating and Executing
Page 77 and 78: Executing a Web Application Chapter
Page 79 and 80: Format: Chapter 4. Generating and E
Page 81 and 82: Chapter 5. Debugging a SAF Applicat
Page 83 and 84: Starting the Debugger To start debu
Page 85 and 86: Chapter 5. Debugging a SAF Applicat
Page 87 and 88: Chapter 6. Samples This chapter exp
Page 89 and 90: Environment Setup Chapter 6. Sample
Page 91 and 92:
COBOL program (SAFMAIN.cob) Chapter
Page 93 and 94:
Chapter 6. Samples 93 001360 comput
Page 95 and 96:
Getting Request Information Chapter
Page 97 and 98:
Appendix A. Frequently Asked Questi
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Appendix B. Error Recovery Processi
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Appendix C. Architecture of a NetCO
Page 115 and 116:
Appendix D. CGI To SAF Subroutines
Page 117 and 118:
Application Form Appendix D. CGI To
Page 119 and 120:
Compilation Method Appendix D. CGI
Page 121 and 122:
Modified contents of a SAF applicat
Page 123 and 124:
Modify Cookie operation as shown be
show all

NetCOBOL for SPARC Architecture SAF Subroutines User's Guide

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?