Skip to main content
Version: 20 R7 BETA

WEB SET OPTION

WEB SET OPTION ( selector ; value )

ParameterTypeDescription
selectorIntegerOption code
valueInteger, Text, CollectionOption value

Description

The WEB SET OPTION command modifies the current value of various options concerning the functioning of the 4D Web server.

Changes made to these options are retained if the 4D Web server is stopped and restarted, however they are not retained if the 4D application is stopped and restarted.

In the selector parameter, pass one of the constants from the Web Server theme and pass the new value of the option in value:

ConstantTypeValueComment
Web character setLongint17Scope: 4D local, 4D Server
Description: Character set that the 4D Web Server (with 4D in local mode and 4D Server) should use to communicate with browsers connecting to the database. The default value actually depends on the language of the operating system. This parameter is set in the Database settings.
Possible values: The possible values depend on the operating mode of the database relating to the character set.
Unicode Mode: When the application is operating in Unicode mode, the values to pass for this parameter are character set identifiers (MIBEnum longint or Name string, identifiers defined by IANA, see the following address: http://www.iana.org/assignments/character-sets). Here is the list of identifiers corresponding to the character sets supported by the 4D Web server:
4=ISO-8859-1
12=ISO-8859-9
13=ISO-8859-10
17=Shift-JIS
2024=Windows-31J
2026=Big5
38=euc-kr
106=UTF-8
2250=Windows-1250
2251=Windows-1251
2253=Windows-1253
2255=Windows-1255
2256=Windows-1256ASCII compatibility mode:
Western European
1: Japanese
2: Chinese
3: Korean
4: User-defined
5: Reserved
6: Central European
7: Cyrillic
8: Arabic
9: Greek
10: Hebrew
11: Turkish
12: Baltic
Web Client IP address to listenLongint23Scope: 4D remote machine
Possible values: See Web IP address to listen
Description: Used to specify this parameter for a remote 4D used as Web Server (applied to the remote web server only).
Web CORS enabledLongint92Scope: Local Web server
Description: CORS (Cross-origin resource sharing) service status for the Web server. If enabled, XHR (e.g. REST) calls from Web pages outside the domain can be allowed in your application. (Note: A list of addresses and methods allowed to use the CORS service must also be defined, see Web CORS settings). When the CORS service is disabled, CORS requests are ignored. When the CORS service is enabled and a non-allowed domain or method sends a cross site request, it is rejected with a "403 - forbidden" error response. Possible values: 0 (disabled, default) or 1 (enabled)
Web CORS settingsLongint93Scope: Local Web server
Description: List of allowed host(s) and method(s) for the CORS service.
Possible values: Collection of CORS objects with the following properties:
PropertyTypeDescription
[ ].hostTextMandatory -- If host is not present or empty, the object is ignored.
Domain name or IP address from where external pages are allowed to send data requests to the Server via CORS. Multiple domain attributes can be added to create a white list. Several syntaxes are supported:
192.168.5.17:8081
192.168.5.17
192.168.*
192.168.*:8081
http://192.168.5.17:8081
http://*.myDomain.com
http://myProject.myDomain.com
*.myDomain.com
myProject.myDomain.com
*
[ ].methodsTextAccepted HTTP method(s) for the corresponding CORS host. Separate each method with a ";" (e.g.: "post;get")
If methods is empty, null, or undefined: all methods are enabled.
Web debug logLongint84Scope: Local Web server
Note: If the HTTP server is restarted, a new log file is used
Description: Allows you to get or set the status of the HTTP request log file of the 4D Web server. When enabled, this file, named "HTTPDebugLog_nn.txt", is stored in the "Logs" folder of the application (nn is the file number). It is useful for debugging issues related to the Web server. It records each request and each response in raw mode. Whole requests, including headers, are logged; optionally, body parts can be logged as well. For more information on the HTTPDebugLog files, please refer to the Description of log files section.
Values: One of the constants prefixed with "wdl" (refer to the descriptions of these constants in this theme).
Default value: 0 (not enabled)
Web HSTS enabledLongint86Scope: 4D local, 4D Server.
Description: HTTP Strict Transport Security (HSTS) status. HSTS allows the 4D Web server to declare that browsers should only interact with it via secure HTTPS connections. Once activated, the 4D Web server will automatically add HSTS-related information to all response headers. Browsers will record the HSTS information the first time they receive a response from the 4D Web server, then any future HTTP requests will automatically be transformed into HTTPS requests. The length of time this information is stored by the browser is specified with the Web HSTS max age selector.
HSTS requires that HTTPS is enabled on the server. HTTP must also be enabled to allow client initial connections.
Possible values: 0 (disabled, default) or 1 (enabled)
Note: The 4D Web server must be restarted for this setting to be applied.
Web HSTS max ageLongint87Scope: 4D local, 4D Server
Description: Specifies the maximum length of time (in seconds) that HSTS is active for each new client connection. This information is stored on the client side for the specified duration.
Possible values: Longint (seconds)
Default value: 63072000 (2 years)

Warning: Once HSTS is enabled, client connections will continue to use this mechanism for the specified duration. When you are testing your applications, it is recommended to set a short duration to be able to switch between secured and non-secured connection modes if necessary.
Web HTTP compression levelLongint50Scope: Local Web server
Description: Compression level for all compressed HTTP exchanges for the 4D HTTP server (client requests or server replies, Web and Web Service). This selector lets you optimize exchanges by either privileging speed of execution (less compression) or the amount of compression (less speed). The choice of a value depends on the size and type of data exchanged. Pass 1 to 9 in the value parameter where 1 is the fastest compression and 9 the highest. You can also pass -1 to get a compromise between speed and rate of compression. By default, the compression level is 1 (faster compression).
Possible values: 1 to 9 (1 = faster, 9 = more compressed) or -1 = best compromise.
Web HTTP compression thresholdLongint51Scope: Local HTTP server**
** Description: In the framework of optimized HTTP exchanges, size threshold for requests below which exchanges should not be compressed. This setting is useful in order to avoid losing machine time by compressing small exchanges.
Possible values: Any Longint type value. Pass the size expressed in bytes in vaue. By default, the compression threshold is set to 1024 bytes
Web HTTP enabledLongint88Scope: 4D local, 4D Server
Description: Status for communication over HTTP.
Possible values: 0 (disabled) or 1 (enabled)
Web HTTP TRACELongint85Scope: Local Web server
Description: Allows you to disable or enable the HTTP TRACE method in the 4D Web server. For security reasons, starting with 4D v15 R2, by default the 4D Web server rejects HTTP TRACE requests with an error 405 (see HTTP TRACE disabled). If necessary, you can enable the HTTP TRACE method for the session by passing this constant with value 1. When this option is enabled, the 4D Web server replies to HTTP TRACE requests with the request line, header, and body.
Possible values: 0 (disabled) or 1 (enabled)
Default value: 0 (disabled)
Web HTTPS enabledLongint89Scope: 4D local, 4D Server
Description: Status for communication over HTTPS.
Possible values: 0 (disabled) or 1 (enabled)
Web HTTPS port IDLongint39Scope: 4D local, 4D Server**
** Description: TCP port number used by the Web server of 4D in local mode and of 4D Server for secure connections via TLS (HTTPS protocol). The HTTPS port number is set on the “Web/Configuration” page of the Database settings dialog box.
By default, the value is 443 (standard value). You can use the constants of the TCP Port Numbers theme for the value parameter.
Possible values: 0 to 65535
Web inactive process timeoutLongint78Compatibility: This selector is ignored when the Web scalable session mode or "No sessions" mode is enabled.
Scope
: Local Web server
Description: Modifies the life duration of the inactive processes associated with sessions. At the end of the timeout, the process is killed on the server, the On Web Legacy Close Session database method is called, then the session context is destroyed.
Possible values: Longint (minutes)
Default value: 480 minutes (pass 0 to restore the default value)
Web inactive session timeoutLongint72Compatibility: This selector is ignored when the Web scalable session mode is enabled.
Scope: Local Web server
Description: Modifies the life duration of inactive sessions (duration set in cookie). At the end of this period, the session cookie expires and is no longer sent by the HTTP client.
Possible values: Longint (minutes)
Default value: 480 minutes (pass 0 to restore the default value)
Web IP address to listenLongint16Scope: 4D local, 4D Server
Description: IP address on which the 4D Web server will receive HTTP requests with 4D in local mode and 4D Server. By default, no specific address is defined. This parameter can be set in the Database settings. This selector is useful for 4D Web Servers compiled and merged with 4D Desktop (in which there is no access to the Design mode).
Possible values: IP address string. Both IPv6 string formats (e.g. "2001:0db8:0000:0000:0000:ff00:0042:8329") and IPv4 string formats (e.g. "123.45.67.89") are supported.
Note: By compatibility, deprecated IPv4 addresses expressed as hexadecimal longints are still supported.
Web legacy sessionLongint70Scope: Local Web server
Description: Enables or disables the legacy session management mode (described in the Web Sessions Management (Legacy) section). Note that this mode also enables the mechanism for reusing temporary contexts in remote mode. For more information about this mechanism, refer to the description of this option in the Web Server Settings section.
Possible values: 1 (enable mode) or 0 (disable mode).
See also: Web scalable session selector.
Web log recordingLongint29Scope: 4D local, 4D Server
Description: Starts or stops the recording of Web requests received by the Web server of 4D in local mode or 4D Server. By default, the value is 0 (requests not recorded).
The log of Web requests is stored as a text file named "logweb.txt" that is automatically placed in the Logs folder of the database, next to the structure file. The format of this file is determined by the value that you pass. For more information about Web log file formats, please refer to the Information about the Web Site section.
This file can also be activated on the "Web/Log" page of the Database settings.
Possible values: 0 = Do not record (default), 1 = Record in CLF format, 2 = Record in DLF format, 3 = Record in ELF format, 4 = Record in WLF format.
Warning: Formats 3 and 4 are custom formats whose contents must be set beforehand in the Database settings. If you use one of these formats without any of its fields having been selected on this page, the log file will not be generated.
Web max concurrent processesLongint18Compatibility: This selector is ignored when the Web scalable session mode is enabled.
Scope: 4D local, 4D Server
Description: Strictly upper limit of concurrent Web processes of any type supported by the 4D Web Server with 4D in local mode and 4D Server. When this number (minus one) is reached, 4D will not create any other processes and returns the HTTP status 503 - Service Unavailable to all new requests.
This parameter can prevent the 4D Web Server from saturation, which can occur when an exceedingly large number of concurrent requests are sent, or when too many context creations are requested. This parameter can also be set in the Database settings.
In theory, the maximum number of Web processes is the result of the following formula: Available memory/Web process stack size. Another solution is to view the information on Web processes displayed in the Runtime Explorer: the current number of Web processes and the maximum number reached since the Web server boot are indicated.
Possible values: Any value between 10 and 32 000. The default value is 100.
Web max sessionsLongint71Scope: Local Web server
Description: Limits the number of simultaneous sessions. When you reach the limit set, the oldest session is closed (and On Web Legacy Close Session database method is called) if the Web server needs to create a new one.
Possible values: Longint. The number of simultaneous sessions cannot exceed the total number of Web processes (Web Max Concurrent Processes option, 100 by default)
Default value: 100 (pass 0 to restore the default value)
Web maximum requests sizeLongint27Scope: 4D local, 4D Server**
** Description: Maximum size (in bytes) of incoming HTTP requests (POST) that the Web server is authorized to process. By default, the value is 2 000 000, i.e. a little less than 2 MB. Passing the maximum value (2 147 483 647) means that, in practice, no limit is set.
This limit is used to avoid Web server saturation due to incoming requests that are too large. When a request reaches this limit, the 4D Web server refuses it.
Possible values: 500 000 to 2 147 483 647.
Web port IDLongint15Scope: 4D in local mode and 4D Server.
Description: Sets or gets the number of the TCP port used by the 4D Web server with 4D in local mode and 4D Server. By default, the value is 80. The TCP port number is set on the "Web/Configuration" page of the Database Settings dialog box. You can use one of the constants in the TCP Port Numbers theme for the value parameter. This selector is useful within the framework of 4D Web servers that are compiled and merged using 4D Desktop (no access to the Design environment).
Possible values: For more information about the TCP port number, refer to the Web Server Settings section.
Default value: 80
Web scalable sessionLongint90Scope: Local Web server
Description: Enables or disables the scalable session management mode (described in the User sessions page on developer.4d.com)
Possible values: 1 (enable mode) or 0 (disable mode). If the value is modified, the web server must be restarted so that the change is taken into account.
When this mode is enabled, the following options are ignored: Web inactive process timeout, Web max concurrent processes, Web session cookie name, and Web inactive session timeout.
Web session cookie domainLongint81Scope: local Web server
Description: Sets or gets the value of the "domain" field of the session cookie. This selector (as well as selector 82) is useful for controlling the scope of the session cookies: If you set, for example, the value "/*.4d.fr" for this selector, the client will only send a cookie when the request is addressed to the domain ".4d.fr", which excludes servers hosting external static data.
Possible values: Text
Web session cookie nameLongint73Compatibility: This selector is ignored when the Web scalable session mode is enabled.
Scope: Local Web server
Description: Sets the name of the cookie used for saving the legacy session ID.
Possible values: Text
Default value: "4DSID_AppName" (pass an empty string to restore the default value)
Web session cookie pathLongint82Scope: local Web server
Description: Sets or gets the value of the "path" field of the session cookie. This selector (as well as selector 81) is useful for controlling the scope of the session cookies: If you set, for example, the value "/4DACTION" for this selector, the client will only send a cookie for dynamic requests beginning with 4DACTION, and not for pictures, static pages, etc.
Possible values: Text
Web session enable IP address validationLongint83Scope: Local Web server
Description: Enables or disables IP address validation for session cookies. For security reasons, by default the 4D Web server checks the IP address of each request containing a session cookie and rejects it if this address does not match the IP address used to create the cookie. In some specific applications, you may want to disable this validation and accept session cookies, even when their IP addresses do not match. For example when mobile devices switch between Wifi and 3G/4G networks, their IP address will change. In this case, you must pass 0 in this option to allow clients to be able to continue using their Web sessions even when the IP addresses change. Note that this setting lowers the security level of your application.
When it is modified, this setting is effective immediately (you do not need to restart the HTTP server).
Possible values: 0 (disabled) or 1 (enabled)
Default value: 1 (IP addresses are checked)

When you use the Web debug log selector, you can pass one of the following constants in the value parameter:

ConstantTypeValueComment
wdl disable web logLongint0Web HTTP debug log is disabled
wdl enable with all body partsLongint7Web HTTP debug log is enabled with body parts in response and request
wdl enable with request bodyLongint5Web HTTP debug log is enabled with body part in request only
wdl enable with response bodyLongint3Web HTTP debug log is enabled with body part in response only
wdl enable without bodyLongint1Web HTTP debug log is enabled without body parts (body size is provided in this case)

Example

Enabling the HTTP debug log without body parts:

 WEB SET OPTION(Web debug log;wdl enable without body)

A log entry looks like this:

# REQUEST# SocketID: 1592# PeerIP: 127.0.0.1# PeerPort: 54912# TimeStamp: 39089388#ConnectionID: 9808E3B4B06E4EB5A60E9A3FC69116BD#SequenceNumber:5GET /4DWEBTEST HTTP/1.1Accept: text/html,(...)Accept-Encoding: gzip, deflateConnection: keep-aliveHost: 127.0.0.1User-Agent: 4D_HTTP_Client/0.0.0.0# RESPONSE# SocketID: 1592# PeerIP: 127.0.0.1# PeerPort: 54912# TimeStamp: 39089389 (elapsed time: 1 ms)#ConnectionID: 9808E3B4B06E4EB5A60E9A3FC69116BD#SequenceNumber:6HTTP/1.1 200 OKAccept-Ranges: bytesConnection: keep-aliveContent-Encoding: gzipContent-Length: 3555Content-Type: text/plain; charset=UTF-8Date: Thu, 20 Apr 2017 10:51:29 GMTExpires: Thu, 20 Apr 2017 10:51:29 GMTServer: 4D/16.0.1[Body Size: 3555]

See also

WEB GET OPTION
WEB LEGACY GET SESSION EXPIRATION