ONLINE HELP
 WINDEVWEBDEV AND WINDEV MOBILE
Help / WLanguage / WLanguage functions / Communication / HTTP functions
  • Security error in a secure transaction
  • Retrieval
  • Accessing a password-protected URL
  • Using a proxy
  • Authentication headers
WINDEV
WindowsLinuxJavaReports and QueriesUser code (UMC)
WEBDEV
WindowsLinuxPHPWEBDEV - Browser code
WINDEV Mobile
AndroidAndroid Widget iPhone/iPadIOS WidgetApple WatchMac Catalyst
Others
Stored procedures
Sends an HTTP form. This form was created by HTTPCreateForm.
Example
HTTPCreateForm("FORM")
HTTPAddParameter("FORM", "Price", "3400") 
...
HTTPSendForm("FORM", "www.mysite.com")
// Example for sending a file 
lIdForm = "TEST"
HTTPCreateForm(lIdForm) 
HTTPAddFile(lIdForm, "file", "C:\temp\Certificate.pdf") 
IF NOT HTTPSendForm(lIdForm, "http://test.myserver.net", httpPost, "AGENT") THEN 
...
END
Syntax

Full syntax Hide the details

<Result> = HTTPSendForm(<Form name> , <URL to contact> [, <HTTP Method> [, <User agent> [, <Additional HTTP header> [, <Type of form> [, <Username> [, <Password>]]]]]])
<Result>: Boolean
  • True if the HTTP form was sent,
  • False if an error occurs. To get more details on the error, use ErrorInfo with the errMessage constant.
<Form name>: Character string
Name of HTTP form to send.
<URL to contact>: Character string
Address of server to contact (URL address).
This parameter can contain the port number for connecting to the server. The default value is 80 (corresponds to a server of Web pages). To specify a port number, use the following format: "<Server URL>:<Port number>".
For example: http://www.windev.com:80.
Note: To perform a secure transaction, the URL must start with "https://".
<HTTP Method>: Optional Integer constant
HTTP method used:
httpCopyCOPY method
httpDeleteDELETE method
httpGetGET method
httpHeadHEAD method
httpPatchPATCH method
httpPost
(Default value)		POST method
httpPutPUT method
<User agent>: Optional character string
Identifies the client. The "PC SOFT Framework" value is returned by default.
The content of the response may depend on the user agent. In this case, for more details, see the documentation of user agent.
<Additional HTTP header>: Optional character string
  • Additional HTTP header that will be added to the HTTP message. Caution: This string must end with a Carriage Return (CR)..
  • Empty string ("") if no HTTP header must be added.
<Type of form>: Optional character string or optional constant
Type of form that will be sent to the server. This parameter corresponds to "Content-Type".
By default, the message type corresponds to "application/x-www-form-urlencoded". This parameter can correspond to one of the following constants:
mimeTypeMultiPartFormThe message type corresponds to: "multipart/form-data" (mainly used for file transfer).
mimeTypeSimpleForm
(Default value)		The message type corresponds to: "application/x-www-form-urlencoded".
<Username>: Optional character string
Name used to access a page with a protected URL (empty string by default). This name is used to identify the user.
<Password>: Optional string or Secret string
Password associated with the username (empty string by default). Used to access a page with a protected URL. Caution: The password is not encrypted when it is sent over the Internet.
New in version 2025
Secret strings: If you use the secret string vault, the type of secret string used for this parameter must be "ANSI or Unicode string".
To learn more about secret strings and how to use the vault, see Secret string vault.
New in version 2025
AndroidAndroid Widget Secret strings are not available for this parameter in Android/Android widget applications.
WINDEVWEBDEV - Server codeAndroidAndroid Widget iPhone/iPadIOS WidgetAjax

Syntax with the httpRequest type Hide the details

<Result> = HTTPSendForm(<Form name> , <HTTP request>)
<Result>: httpResponse variable
Name of the httpResponse variable containing the response from the request.
<Form name>: Character string
Name of HTTP form to send.
<HTTP request>: httpRequest variable
Name of the httpRequest variable containing the parameters required to send the form.
WINDEVAndroidAndroid Widget iPhone/iPadIOS Widget

Asynchronous syntax that uses the httpRequest type Hide the details

HTTPSendForm(<Form name> , <HTTP request> , <WLanguage procedure>)
<Form name>: Character string
Name of HTTP form to send.
<HTTP request>: httpRequest variable
Name of the httpRequest variable containing the parameters required to send the form.
<WLanguage procedure>: Procedure name
Name of the WLanguage procedure called during the response from the HTTP server. This procedure has the following format:
PROCEDURE <Procedure name>(<Response> is httpResponse)
where <Response> is an httpResponse variable containing the response received from the HTTP server.
Remarks

Security error in a secure transaction

During a secure transaction, the sending of the form may fail due to security errors:
  • invalid certificate or certificate issued by an unknown organization.
  • the name of the site specified in the certificate does not correspond to a server.
  • invalid or expired certificate date.
  • redirection to a non-secure server.
These errors are returned by ErrorInfo.
If one of these errors occurs, you can re-run the request while ignoring the errors.
Two methods can be used according to the syntax:
  • Syntax 1: HTTP.IgnoreError variable (see paragraph below).
  • WINDEVWEBDEV - Server codeiPhone/iPadAjax Syntax 2: IgnoreError property of the httpRequest variable.
If the full syntax is used (syntax 1), all you have to do is use the HTTP.IgnoreError variable:
Error returned by ErrorInfo
(with the errCode constant)		Value of HTTP.IgnoreError
(these values can be combined)		Description
httpErrorInvalidCertificate
Invalid certificate or certificate coming from an unknown company		httpIgnoreInvalidCertificateThe certificate is ignored.
httpErrorInvalidCertificateName
The site name specified in the certificate does not correspond to a server		httpIgnoreInvalidCertificateNameIgnores the site name specified in the certificate.
httpErrorExpiredCertificate
Invalid or expired certificate date		httpIgnoreExpiredCertificateIgnores the certificate date
httpErrorRedirectToHTTP
Redirection to a non-secure server		httpIgnoreRedirectToHTTPThe redirection to a non-secure server is allowed.
httpIgnoreRedirectToHTTPS
Redirection to a secure server		httpIgnoreRedirectToHTTPSThe redirection to a secure server is allowed.
For example:
// Send a form on a secure server
ResStart = HTTPSendForm("FORM", "https://www.MyServer.com")
// If an error occurs
IF ResStart = False THEN
	// According to the type of error
	SWITCH ErrorInfo(errCode)
	  // Invalid certificate or coming from an unknown company
	  CASE httpErrorInvalidCertificate: 
		// Ignore the certificate?
		IF YesNo("Caution, a security alert was detected!", ...
			 "The certificate is invalid.", ...
				"Do you want to ignore this certificate?") = Yes THEN
			HTTP.IgnoreError = httpIgnoreInvalidCertificate
			// Send the form again while ignoring this error
			HTTPSendForm("FORM", "https://www.MyServer.com")
		END
	// Invalid or expired certificate date
	CASE httpErrorExpiredCertificate: 
		// Ignore the certificate date?
		IF YesNo("Caution, a security alert was detected!", ...
			"The certificate date is invalid or expired.", ...
				"Do you want to ignore this date?") = Yes THEN
			HTTP.IgnoreError = httpIgnoreExpiredCertificate
			// Send the form again while ignoring this error
			HTTPSendForm("FORM", "https://www.MyServer.com")
		END
	END
END
AndroidAndroid Widget The errors regarding the security of transactions are not returned by ErrorInfo (the connection is refused). These errors cannot be ignored. The HTTP.IgnoreError variable is not available.

Retrieval

HTTPGetResult retrieves the result of the last HTTP form sent.

Accessing a password-protected URL

To access a password-protected URL, you can:
  • use the <Username> and <Password> parameters in HTTPSendForm.
  • specify the username and password in the <URL to contact> parameter.
    For example:
    <Result> = HTTPSendForm("http://<user>:<password>@<URL to contact>")

Using a proxy

To access the URL specified in HTTPSendForm via a proxy, use Proxy.

Authentication headers

The authentication headers are automatically generated in the following cases:
  • If HTTPSendForm uses the syntax with username and password.
  • If the server URL is password protected
  • If Proxy is used.
Business / UI classification: Business Logic
Component: wd300com.dll
See also
Minimum version required
  • Version 14
This page is also available for…
Comments
Click [Add] to post a comment

Last update: 06/03/2025

Send a report | Local help