Docs Developer Site
Enonic XP
arrow-down
    1. Widgets
  2. IAM
    1. Virtual apps
    1. Projects
    2. Layers
        1. AttachmentUploader
        2. Checkbox
        3. Combobox
        4. ContentSelector
        5. ContentTypeFilter
        6. CustomSelector
        7. Date
        8. DateTime
        9. Double
        10. GeoPoint
        11. HtmlArea
        12. ImageSelector
        13. Long
        14. MediaSelector
        15. Radiobutton
        16. Tag
        17. TextArea
        18. TextLine
        19. Time
      2. Field set
      3. Item set
      4. Option set
      5. Mixins
      6. Localization
    4. Content Types
    5. X-data
    6. Macros
    7. Custom styles
    8. Sites
      1. Regions
      2. Part component
      3. Layout component
      4. Text component
      5. Fragments
      6. Filtering
      7. Component indexing
      8. Visual editor
    10. Page templates
    1. Sandboxes
    2. Code
    3. Building
    4. Configuration
    1. Globals
    2. HTTP
    3. Controllers
    4. Filters
    5. Events
    6. Websocket
    7. Error handler
    8. ID provider
    9. Tasks
    10. Localization
    11. Mappings
    12. Components
    13. Processors
    14. Contributions
    15. Templating
    16. Main controller
    17. Java bridge
      1. Webapp Engine
        1. Image service
        2. Component service
      3. Admin Engine
      4. Asset service
      5. HTTP service
      6. IDprovider service
    2. Task engine
    3. Management Endpoint
    4. Statistics Endpoint
    1. Nodes and repos
    2. Properties
    3. Indexing
    4. Branches
    5. Queries (NoQL)
    6. Queries (DSL)
    7. Filters
    8. Aggregations
    9. Highlighting
    10. Editors
    1. Strategies
    2. Distributions
    3. Docker image
    4. Vhosts
    5. Configuration
    6. Backup & restore
    7. Systemd
    8. Clustering
    1. Admin API
    2. Application API
    3. Auditlog API
    4. Authentication API
    5. Cluster API
    6. Common API
    7. Content API
    8. Context API
    9. Event API
    10. Export API
    11. Grid API
    12. I18N API
    13. IO API
    14. Mail API
    15. Node API
    16. Portal API
    17. Project API
    18. Repo API
    19. Scheduler API
    20. Schema API
    21. Tasks API
    22. Value API
    23. VHost API
    24. Websocket API
  11. Audit Logs
    1. Upgrade Notes
    2. Upgrading Apps
Developer Docs Xp Stable Framework Http

HTTP request and response

Contents

The JavaScript framework defines the following basic HTTP request and response objects:

HTTP Request

The following object is passed along with every HTTP request. The object is similar to many traditional request objects, except for two special properties: mode and branch. These properties are specific to the XP Portal, automatically indicating the contextual branch and rendering mode.

The request object represents the HTTP request and current context for the controller.

{
  "method": "GET",  (1)
  "scheme": "http",  (2)
  "host": "enonic.com",  (3)
  "port": "80",  (4)
  "path": "/my/page",  (5)
  "url": "https://enonic.com/my/page?debug=true",  (6)
  "remoteAddress": "10.0.0.1",  (7)
  "mode": "edit",  (8)
  "branch": "master",  (9)
  "body": null (10)
  "params": { (11)
    "debug": "true"
  },
  "headers": { (12)
    "Language": "en",
    "Cookies": "mycookie=123; other=abc;"
  },
  "cookies": { (13)
    "mycookie": "123",
    "other": "abc"
  }
}
1 HTTP method of the request
2 Scheme used to make this request i.e. "http" / "https"
3 Host name of the server to which the request was sent.
4 Port of the server to which the request was sent.
5 Path of the request
6 URL of the request.
7 IP address of the client that sent the request. If the X-Forwarded-For [1] header is set, its value will override the client IP.
8 Rendering mode (used in site context) one of: inline, edit, preview, live.
9 Contextual repository branch (used in site context), one of: draft, master.
10 Optional string value
11 Name/value pairs of the query/form parameters from the request.
12 Name/value pairs of the HTTP request headers.
13 Name/value pairs of the HTTP request cookies.

XP XP 7.12.0 7.12.0 The request object also has getHeader(name) function that reads out a header on the request. The name is case-insensitive. Use it instead of accessing headers values directly.

Modification of headers does not affect the result of getHeader(name) calls.

HTTP Response

The response object is the value returned by an HTTP controller - as a response to an :ref:`http_request`.

{
  "status": 200,  (1)
  "body": "Hello World",  (2)
  "contentType": "text/plain",  (3)
  "headers": {   (4)
      "key": "value"
  },
  "cookies": {},   (5)
  "redirect": "/another/page",   (6)
  "postProcess": true,   (7)
  "pageContributions": {},   (8)
  "applyFilters": true   (9)
}
1 HTTP response status code (default is 200).
2 HTTP message body of the response that can either be a string or a JavaScript object.
3 MIME type of the body (defaults to text/plain; charset=utf-8).
4 Name/value pairs with the HTTP headers to be added to the response.
5 HTTP cookies to be added to the response. Will be described in a later section.
6 URI to redirect to. If specified, the value will be set in the "Location" header and the status will be set to 303.
7 Site engine only: If enabled the response body from a page render is processed to find and render any component tags found. (default is true). Set to false to skip post processing of tags.
8 Site engine only: Use to contribute html to the resulting response markup. See page contributions for more information.
9 Site engine only: If enabled, any defined response processors in the pipeline will be executed.

HTTP Cookies

There are two ways that Http Cookie values can be set in responses (see examples).

Here’s an example of how the cookies are set:

return {
    status: 200,
    body: "Hello World",
    cookies: {
        "plain": "value",  (1)
        "complex": {  (2)
            value: "value",  (3)
            path: "/valid/path",  (4)
            domain: "enonic.com",  (5)
            comment: "Some cookie comments",  (6)
            maxAge: 2000,  (7)
            secure: false,  (8)
            httpOnly: false,  (9)
            sameSite: "Lax" (10)
        }
    }
};
1 If the value is a string then the cookie is created using default settings.
2 If the value is an object, it will try to apply the settings.
3 Value (required) The value to store in the cookie. This example will create a cookie looking like this complex: value.
4 The paths on the site where this cookie should be available from (and all containing paths). Defaults to empty
5 Add additional sites that should be able to read the cookie. Defaults to empty (Only the server that creates the cookie can read it.)
6 A comment describing the cookie. Default to `null. Deprecated and will be removed in future versions of XP.
7 Number of seconds before the browser is allowed to delete the cookie. Defaults to -1 (The cookie will live until the browser is shut down.)
8 Control if the cookie should only be accepted to be created and read over https and similar secure protocols. Defaults to false
9 Control if the cookie is available for scripts or not. If true, only the serverside code can read the cookie. Defaults to false (Also client-side scripts can read the cookie.)
10 XP XP 7.3.0 7.3.0 SameSite flag for the cookie. Can be lax, strict, none or   for "not set". Default is "not set", meaning "browser’s default".

Contents

Contents

AI-powered search

Juke AI