iTP Active Transaction Pages (iTP ATP) Programmer's Guide
Designing and Debugging ATP Applications
iTP Active Transaction Pages (iTP ATP) Programmer’s Guide—522292-002
6-3
Security Considerations
Security Considerations
ATP does not provide any security beyond what is provided by the services with which
your script communicates. For example, a script can open a socket and send an SMTP
message.
If your script implements security checking, it should check security each time a page is
loaded, as demonstrated in several of the sample applications on the ATP CD. ATP does
not implement the concept of a session.
Writing Robust Scripts
The following coding practices can improve the tolerance of your scripts to differences
in the characteristics of JavaScript environments:
•
End each function with an explicit return statement.
•
End each statement with a semicolon (;).
•
Declare each procedure or function before calling it.
•
Use braces in if statements.
Debugging ATP Applications
There is no true debugger for the JavaScript environment on Compaq NonStop Kernel
systems. Instead you must rely on standard language features to debug your application.
This section describes several debugging techniques.
General Guidelines
The following guidelines apply to ATP applications in general:
•
Display the document source, using browser menu selections, to discover what ATP
actually sent to the browser.
•
If a table is not displayed, or is not displayed correctly, temporarily remove the
<table> tag. (If an error occurs during construction of a table, the browser will
not present the output until it encounters the </table> tag. Removing the tag lets
you see the table data.)
•
If the same page contains client-side and server-side JavaScript, check the tags to
make sure the two types of JavaScript are correctly distinguished. Also, take care to
declare and initialize variables in the environment where they apply.
•
Check the iTP Secure WebServer error log to determine whether a WebServer error
caused the problem you are trying to solve.
•
Check the event log for errors from underlying services such as NonStop TS/MP,
NonStop TM/MP, NonStop TUXEDO, and NonStop TCP/IP.