HTTP Response
Set HTTP response headers, status codes, cookies, and redirects in Site Mode. All verbs take effect on the current HTTP response. They are no-ops outside of site mode.
| Verb | Description |
|---|---|
HEADER "Name" AS "Value" | Set a response header |
STATUS 404 | Set HTTP status code. Default is 200. |
REDIRECT "url" AS "302" | Issue an HTTP redirect. Code: "301", "302" (default), "307", "308" |
COOKIE "name" AS "value" WITH "/" | Set a cookie. WITH is the path (default /). Optional: ON "seconds" for Max-Age. |
COOKIE "name" AS "value" WITH "/" ON "3600" | Cookie with Max-Age of 3600 seconds |
COOKIE DELETE "name" | Expire and remove a cookie |
Set headers
HEADER "Content-Type" AS "application/json"
AFTER HEADER "X-Powered-By" AS "OQL"
AFTER EMIT `{"status":"ok"}`
Status codes
IF ?authenticated IS EQUAL TO false
OPEN NEST
STATUS 401
AFTER EMIT "Unauthorized"
AFTER EXIT ALL
CLOSE NEST
Redirect
LOGIN !POST(username) WITH !POST(password) SET ?token
AFTER IF ?token IS NOT NULL
OPEN NEST
COOKIE "session" AS ?token WITH "/" ON "86400"
AFTER REDIRECT "/dashboard" AS "302"
CLOSE NEST
ELSE
OPEN NEST
STATUS 401
AFTER EMIT "Invalid credentials"
CLOSE NEST
Cookies
(* Set *)
COOKIE "lang" AS "en" WITH "/" ON "31536000"
(* Read *)
EMIT !COOKIE(lang)
(* Delete *)
COOKIE DELETE "lang"
CORS headers
HEADER "Access-Control-Allow-Origin" AS "*"
AFTER HEADER "Access-Control-Allow-Methods" AS "GET, POST, OPTIONS"
AFTER HEADER "Access-Control-Allow-Headers" AS "Content-Type, Authorization"
AFTER IF !REQUEST(method) IS IDENTICAL TO "OPTIONS"
OPEN NEST STATUS 204 AFTER EXIT ALL CLOSE NEST