Angus Robertson

Adding: HttpRest.RestParams.AddItem('filename', 'anyname.jpg'); would be normal, with the real name of the file, not the path. Most servers expect the name of the file in the parameters, not the request headers. And telling the server you are sending JSON content when are you not, is just wrong. But at least it works. Angus

Extracts of code assume I'm familiar with those applications, I am not. I asked for the request headers and body content sent, so I know what these applications actually send to the server. Angus

The next release of ICS is finished, in SVN and the overnight zip. Once documentation is finished, it will be release next week. Meanwhile, testing of this version would be appreciated, so any serious problems can be found and fixed before the release. I'd particularly like C++ users to try and install it, it's okay for Win32, but getting some missing symbols for Win64, despite adding them. Angus

Due to planned OpenSSL security releases 11th February, I'm postponing the next release until those versions are bundled and tested with ICS V9.4, hopefully later that week. Meanwhile. I'd really appreciate feedback on V9.4 in the overnight zip, just saying you are using it is good, might avoid fixes needed due to bugs I've accidentally introduced. And specifically C++ users, as mention In the last message, so it can be installed by GetIt. Angus

The fact you can use Curl or Postman is not relevant to whether ICS works, it will with the correct parameters. I've looked at the Wordpress document, and tried some of the examples against a WordPress site I manage, and just get 404 errors, but it is WP 5.2.21 and I'm not the admin, so maybe the APIs are different or I'm not allowed to use them. The documentation example for 'create a media item' is ' POST /wp/v2/media' so absolutely useless. I don't know Curl either so no idea what --data-binary does. If you can post the actual http headers, body and response made by Curl or Postman, that should explain what is actually happening. Angus

Thanks, now fixed, That function is only used for diagnostic dumping of SSL packets, which I never use due to massive logs. Angus

The ICS web server should probably offer an event to make creating customised error pages easier, I've put it on the wish list. Our error pages are very minimal. Angus

If you are stuck using an old version, which is understandable for old compilers, why not just customise the Answer404 function? Angus

You have not explained how you are attempting to upload the file, what parameters the server is expecting, nor the URL, nor the result of logging from the progress event which would make some of your errors obvious. The OverbyteIcsSnippets sample has two upload examples, doHttpSimpleUploadClick builds Json command line parameters, HttpUploadFile = file, and HttpUploadStrat := HttpUploadSimple; to POST a binary file, while doHttpFormUploadClick builds a form with a file as a parameter. Your code is similar to the second snippet, but is missing several lines such as RestParams.PContent := PContFormData and has all those ExtraHeaders that duplicate the headers addiws by the component, and which might be the reason for the 500 error. Angus

Are you using an old version of ICS? ICS added full Websocket server and client support two years ago, and handles the upgrade negotiation process automatically. The main unit is OverbyteIcsWebSocketSrv.pas which contains a derived connection class THttpWSSrvConn that handles the Websocket protocol. There are two samples OverbyteIcsSslMultiWebServ.dpr and IcsAppMon.dpr that show how it all works. Angus

Just pass your literal SQL command to the Execute method, it returns a RecordSet which is a DataSet method. Angus

Why not just execute the stored procedure from Delphi? I don't have any SQL statements in Delphi applications, just build the stored procedure parameters and use the ADO Execute method which returns a DataSet RecordSet that I parse for various results. It means you can test all your SQL outside of Delphi. Angus

Assuming you've missed a newline after http/1.1, this looks is standard authentication, any proper library should handle it, ICS certainly should. Angus

Are you using a new or ancient XE7 version of ICS? It sounds like the TSslContext component has got lost. Angus

I wrote an open source component that indexes Windows directories and files recursively, written 20 years ago and used on every version of Windows and Delphi since, it just works, never fails. It currently builds a list of 1.2 million files on my c drive which it compares with the same number on a second drive, for backup on Windows 11. Angus

There is a fix for this freezing problem in SVN, will be zipped later tonight. ICS went into an endless loop if SSL data was received after close down was completed but before the handles were reset. Found against a recent Nginx web server release, The SSL code is almost unchanged in 15 years, so not sure why the problem has not shown up before, it seems to happen with both TLSv1.2 and TLSv1.3 so does not seem to be protocol related. Angus

Think FMX TStringGrid is your closest bet, I've used it to replace TListView. But no obvious multi-select, Perhaps you can do the TListView VCL trick of drawing tick boxes in the first column and checking mouse events to 'select' them. The lack of many matching VCL components does make FMX conversions a pain. Angus

Should be in SVN today, if I don't get distracted. Angus

Sorry, the logging you provided has no detail about the HTTP protocol used, it is only for SSL development purposes. So is no-use in diagnosing your problem. The HttpRest log set to body level will be more useful, you can email it. Angus

I'm looking at your Json problem, the main issue here is whether it's acceptable to use non-printing characters in Json values. When I wrote TRestParams, I assumed that non-printing characters would be escaoped before beiing added to SuperObject so used the AsJson option not to escape them a second tme. But that should really be an optional, so I'll add a second parameter to AddItemSO so escaping becomes the default, but can be changed. Your comment about 'aaa~bbb' being sent was incorrect, the component translates non-printing characters for logging and display, the Json would have contained your original #29 character which would have confused the server. Angus

There are a few problems with your code. For V9.3, sslRootCACertsBundle no longer returns a Base64 PEM string, but a smaller PKC12 binary TBytes. And there is a LoadAllFromTB method that checks the format and loads the bundle correctly. V9.1 loaded the default CA bundle automatiucally on startup into a public IcsSslRootCAStore component unless you undefine OpenSSL_AutoLoad_CA_Bundle, or have not updated your OverbyteIcsDefs.inc file. SslContext has a new property UseSharedCAStore that ignores the files and lines properties and uses the preloaded store instead. You are still using TSslHttpCli, replace this with TSslHttpRest and you don;t need an SslContext, it's all handled for you. Angus

Thanks, for the explanation, I see that buffer is a dynamic TBytes, unusual for 20 years ago when Delphi didn't really support TBytes. I only started making wide use of TBytes a few years ago with a lot of new library functions. I'll fix the code, and check other receive loops for similar problems. I'm hoping to release ICS V9.4 this month, with various minor fixes. Angus

Thanks, I'll have a look at how the buffer is declared. But this code has not changed in almost 20 years, have you actually seen this fail? Angus

This is the INI file I used with VCLToFireMonkeyFormConvtr.exe, it also has a few ICS components that should not matter. Not used it a for a couple of years. Angus VCLToFireMonkeyFormConvtr.ini

A few more comments about the Thales Safenet signing token with Sectigo certificates: Unlike the Centum token I used before, Safenet has an 'Enable single logon' tick box in Advanced Client Settings, which means it remembers the token password once entered, until Windows reboots, which in my case is usually once or twice a month. You need the latest version of signtool to work properly with new tokens, my 2016 version did not work with the /kc argument and gave a crypto API error. I'm now using the following command, where you need to replace certfile with the exported PEM, DER or CER certificate file name, token-password with the new password you set (leave {{}} alone), and update the Private Key Container Name that in my case is a time stamp of when the key was created, Sectigo_20250107102535 to your own version, to allow signtool to locate the private key: signtool sign /f "certfile" /csp "eToken Base Cryptographic Provider" /kc "[{{token-password}}]=Sectigo_20250107102535" /as /fd sha256 /tr http://timestamp.sectigo.com /td sha256 "filename' 'filename' 'filemask' If using the /kc argument to pass a password with single logon enabled, the password is saved as if entered manually. Beware when testing that five incorrect password attempts will lock the dongle, assuming the other syntax is correct. The /kc command may need another parameter if you have multiple tokens. Not noticed it before, but signtool allows you to sign multiple files with one command, add two or more filenames at the end, also mask characters are allowed so "c::\path\*.exe" will sign all exe files in the path specified. Multiple files also work for the verify command. It seems the Thales SafeNet Authentication Software also works with Yubico tokens, mine is recognised. Angus