Adds an HTTP response header field.

http://marklogic.com/xdmp/privileges/xdmp-add-response-header

  xdmp:add-response-header("meta", "description")

For PUT requests, returns the body of the request. For POST requests, returns the body of the request if it is not of content-type application/x-www-form-urlencoded.

Returns the empty sequence if it is not called from an application server.

If the content-type of the POST body is application/x-www-form-urlencoded, it is not available here, but instead is available in its decoded form through xdmp:get-request-field-names() and xdmp:get-request-field().

If there is no content-type header in the request, then the request body defaults to application/x-www-form-urlencoded, and therefore xdmp:get-request-body will return the empty sequence. If you want to read the request body, then the POST must include a content-type header.

You can use this function to process certain types of web service SOAP requests with MarkLogic Server.

The output of an xdmp:get-request-body call is typically a document node, so if you want to get the contents of the POST, you should add a /node() XPath step to the output. The contents of the document node could be a text node, an element node, or a binary node.

  xdmp:get-request-body()/node()
  => "<a>Contents of POST body.</a>"

Returns as a string the internet address of the client from which the HTTP server request is issued.

Returns the empty sequence if it is not called from an HTTP server.

Use this function if you need to get the internet protocol (IP) address of the requesting client. For example, you can create an application that contains conditional code based on IP addresses (see the example below).

The following example shows logic which checks if the request was submitted from the "localhost" IP address (127.0.0.1).

  if (xdmp:get-request-client-address() eq "127.0.0.1")
  then "Submitted from localhost."
  else "Only localhost access is allowed for this application."

  xdmp:get-request-client-address()
  => "127.0.0.1"

Returns the PEM encoded client certificate if one was presented.

Returns the empty sequence if it is not called from an HTTP server, if SSL is not enabled for the HTTP server, or if no certificate is available. A clients will not send its certificate unless the server requests it.

Use this function if you need to examine a client's certificate.

The following example returns an XML representation of a client certificate if one is available.

  for $p in xdmp:get-request-client-certificate()
  return xdmp:x509-certificate-extract($p)

Returns the value of a named request field. If the request field is a multipart/form-data type in a POST form, you can use xdmp:get-request-field for file upload applications (see the second example below).

  xdmp:get-request-field("index")
  => "10"

 
Consider a form.xqy XQuery module with the following content:

  <html xmlns="http://www.w3.org/1999/xhtml">
    <body>
    <form name="test" action="upload.xqy?uid={xdmp:random()}" method="post"
          enctype="multipart/form-data">
    <p><label>File to upload:
    <input type="file" class="name" name="upload" size="50"/></label></p>
    <p><input type="submit" value="Upload and Get Results"/></p>
    </form>
    </body>
  </html> 

Then have an upload.xqy XQuery module as follows:

 let $filename := xdmp:get-request-field-filename("upload")
 let $disposition := fn:concat("attachment; filename=""",$filename,"""")
 let $x := xdmp:add-response-header("Content-Disposition", $disposition)
 let $x:= xdmp:set-response-content-type(
             xdmp:get-request-field-content-type("upload"))
 return
 xdmp:get-request-field("upload")

Execute the form.xqy file, select a file, and click the 
"Upload and Get Results" button.  The file you uploaded
will open according to the mime type the browser.  If you
wanted to save it to the database, you could use 
xdmp:document-insert to do so.

This function is used to extract the content type from the request field. It returns a sequence of content types, one for each filename, in the same order as the filenames returned from xdmp:get-request-field-filename.

This function is useful for file upload applications. For an example, see the second example in the xdmp:get-request-field documentation.

  (: 
     Returns the content type of the files loaded in the 
     "upload" input form element.
  :)
  xdmp:get-request-field-content-type("upload")
  => "application/msword"

Returns a list of filenames from a multipart request for the field name specified. Returns an empty sequence for a field that does not exist.

This function is useful for file upload applications. For an example, see the second example in the xdmp:get-request-field documentation.

  (: 
     Returns the filename of the files loaded in the 
     "upload" input form element.
  :)
  xdmp:get-request-field-filename("upload")
  => "myfile.doc"

Returns a sequence of the request field names.

  xdmp:get-request-field-names()
  => ("section", "name", ...)

Returns the value of a named request header.

  xdmp:get-request-header("A")
  => "foo"

Returns a sequence of request header names.

  xdmp:get-request-header-names()
  => ("A", "B", ...)

Returns the HTTP request method.

  xdmp:get-request-method()
  => "GET"

Returns the HTTP request path.

  xdmp:get-request-path()
  => "/example.xqy"

Returns as a string the request protocol (either "http" or "https")

Returns the empty sequence if it is not called from an HTTP server.

Use this function if you need to determine whether the client connection is HTTP or HTTPs.

The following example shows logic which checks if the request was submitted via https.

  if (xdmp:get-request-protocol() eq "https")
  then "Submitted via https."
  else "Application requires secure connections only."

  xdmp:get-request-protocol()
  => "https"

Returns the portion of the URL following the host_name:port_number. The output does not include any fragment identifier supplied with the URL (that is, it does not include the # sign or anything following the # sign).

  xdmp:get-request-url()
  => "/example.xqy?name=foo&year=2006"

Returns the username from the Authorization header of this App Server request.

  xdmp:get-request-username()
  => "fred"

Returns two nodes, the first containing the HTTP response code and the second containing the HTTP response message.

You can use this with an HTTP Server error handler to create custom error pages.

  xdmp:response-code()
  => 200
     OK

Returns the encoding that the response from this server is in.

Returns the value of a named server field. A server field is created with xdmp:set-server-field and stores a name/value pair in memory. The server field is available on the App Server in which it is set on the host in which the App Server runs, via xdmp:get-server-field; a server field that is set on one App Server is not available on other App Servers on that host or on the same App Server running on another host. Server fields are commonly used with the system Plugin Framework.

http://marklogic.com/xdmp/privileges/xdmp-get-server-field

  xdmp:get-server-field("foo")
  => "bar"

Returns a sequence of the server field names.

http://marklogic.com/xdmp/privileges/xdmp-get-server-field-names

This functions returns the server field names of the fields for which you have privileges to see. Users with the admin role have privileges to see all of the server fields. Information Studio uses several protected server fields, each having a name that starts with "plugin". Therefore, if you are a user with the admin role, you will see all of those fields when you call xdmp:get-server-field-names.

xdmp:get-server-field-names()
 =>
("name1","name2")

Returns the value of a named session field from the session created by the xdmp:login function.

http://marklogic.com/xdmp/privileges/xdmp-get-session-field

You can use the xdmp:set-session-field function to set a named value in a session and the xdmp:get-session-field-names function to return the names of the fields in the session.

  xdmp:get-session-field("user")
  => "marklogic"

Returns a sequence of the HTTP session field names from the session created by the xdmp:login function.

http://marklogic.com/xdmp/privileges/xdmp-get-session-field-names

You can use the xdmp:set-session-field function to set a named value in a session and the xdmp:get-session-field function to return a value set in a session field.

  xdmp:get-session-field-names()
  => ("user", "role", "action", "index")

Returns the URL of the URL rewriter handler for this application server. An empty string is returned if there is no rewrite handler.

This function is useful for implementing a rewrite handler where you may want to resolve a location relative to the rewrite handler rather than to the specific request. This may be the case if the rewrite handler is acting as a delegator to known modules.

  fn:resolve-uri("special-handler.xqy", xdmp:get-url-rewriter-path())

Logs in a user on an application server that is using application-level authentication and sends a session cookie containing the session ID to the user's browser. Returns true on success, false on failure.

If the user calling this function has the xdmp:login privilege, this function can be called without a password or with the empty sequence as the password. In this case, login will succeed if the specified user exists. Therefore, use the xdmp:login privilege carefully, as any user with that privilege will be able to execute code that uses the xdmp:login function to log in as any user.

The session exists in the E-node on which it was created; you cannot access that session from a different E-node.

You can use the xdmp:set-session-field function to set a named value in the session and the xdmp:get-session-field function to return a value set in a session field. The user session expires when the session reaches its timeout limit. The session cookie remains on the browser until the browser exits or the cookie is explicitly removed by the user.

  xdmp:login("mark","secret")
  => true() -- if user "mark" has password "secret"

  xdmp:login("username") or xdmp:login("username", ()) 
  => true() -- if user calling the function has the 
               xdmp:login privilege

  xdmp:login("username") or xdmp:login("username", ()) 
  => SEC-PRIV exception if the user calling the function does 
              not have the xdmp:login privilege

  xdmp:login("username")
  => true() -- if current user has the xdmp:login privilege

  xdmp:login("username")
  => SEC-PRIV exception if current user does not have the 
              xdmp:login privilege

Logs the current user out of the session on the server. The result is that the current user is set to the default user defined in application-level authentication. The session remains on the server until it expires.

  xdmp:logout()
  => ()

Redirects the App Server response to a given location.

  xdmp:redirect-response("http://marklogic.com/howtobuy.xqy")

Changes the time limit for an actively running request to the specified value. If you do not supply values for the last three parameters, the function sets the time limit for the current request.

http://marklogic.com/xdmp/privileges/xdmp-set-request-time-limit-any or http://marklogic.com/xdmp/privileges/xdmp-set-request-time-limit-my

  xdmp:set-request-time-limit(10000)

Sets the response code and message.

  xdmp:set-response-code(204,"No Content")

Sets the response content-type.

  xdmp:set-response-content-type("text/html")

Sets the response encoding.

  xdmp:set-response-encoding("ISO-8859-1")

Sets the value of a named server field. A server field is created with xdmp:set-server-field and stores a name/value pair in memory. The server field is available on the App Server in which it is set on the host in which the App Server runs, via xdmp:get-server-field; a server field that is set on one App Server is not available on other App Servers on that host or on the same App Server running on another host.

http://marklogic.com/xdmp/privileges/xdmp-set-server-field

If you use a server field with the Plugin Framework (by placing the xdmp:set-server-field code in a main module under the Plugins directory on a host), then the server field will be populated for each App Server on the host before the first request against each App Server is run.

  xdmp:set-server-field("foo", "bar")
  => "bar"

Sets the privilege of a named server field.

http://marklogic.com/xdmp/privileges/xdmp-set-server-field-privilege

Changing the server field value on a field being used with a plugin will change the behavior of the plugin. Therefore, if you are using a server field in a plugin, it is a good practice to set a privilege on the server field to protect it from malicious or accidental updates.

  xdmp:set-server-field-privilege("foo", "http://mydomain.com/privileges/foo-server-field")

Sets the value of a named session field for the session created by the xdmp:login function.

http://marklogic.com/xdmp/privileges/xdmp-set-session-field

You can use the xdmp:get-session-field-names function to return the names of the fields in the session and the xdmp:get-session-field function to return a value set in a session field.

  xdmp:set-session-field("user", "marklogic")
  => "marklogic"

Returns true if a given URI refers to a file which exists on the current application server. Returns false if the file does not exist. Returns the empty sequence if the URI is the empty sequence.

  xdmp:uri-is-file("apppages/test.xml")
  => true if test.xml exists in "apppages" sub-directory 
  relative to the directory of the file containing the request.

  xdmp:uri-is-file("/sub-directory/test.xml")
  => true if test.xml exists in "sub-directory" relative 
  to the root directory of the application server.

Converts URL-encoded string to plaintext.

  xdmp:url-decode("Why+not%3f")
  => "Why not?"

Converts plaintext into URL-encoded string.

  xdmp:url-encode("Why not?")
  => "Why+not%3f"

Returns the XML representation of the specified X.509 certificate.

xquery version "1.0-ml"; 
  
let $cert := "-----BEGIN CERTIFICATE-----
MIID4DCCA0mgAwIBAgIJAIp4RM8+Lkr3MA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKU2FuIENhcmxv
czETMBEGA1UEChMKTWFyayBMb2dpYzEUMBIGA1UECxMLRW5naW5lZXJpbmcxHjAc
BgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEjMCEGCSqGSIb3DQEJARYUd2Zl
aWNrQG1hcmtsb2dpYy5jb20wHhcNMDgxMjAzMDEyNzQ5WhcNMDkxMjAzMDEyNzQ5
WjCBpzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
ClNhbiBDYXJsb3MxEzARBgNVBAoTCk1hcmsgTG9naWMxFDASBgNVBAsTC0VuZ2lu
ZWVyaW5nMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxIzAhBgkqhkiG
9w0BCQEWFHdmZWlja0BtYXJrbG9naWMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDnauIbA33nIH8IpiUyWA9sB/X3d8DU8cKbEes1dk6xX3mFfMWja56D
vkPFaX9/voSbeG1E92d2Y518xvjgoR8okf2rkDI35nqA9ejcuC0wg0tXuh5OSVfr
UpzVSwbCy55fweaVzkKC2TZXgOy5JeNbw+i/UohTLW2TPwQ4rpynPwIDAQABo4IB
EDCCAQwwHQYDVR0OBBYEFLY2z4PX7fWY47gRhGpVJBIJpufYMIHcBgNVHSMEgdQw
gdGAFLY2z4PX7fWY47gRhGpVJBIJpufYoYGtpIGqMIGnMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKU2FuIENhcmxvczETMBEGA1UE
ChMKTWFyayBMb2dpYzEUMBIGA1UECxMLRW5naW5lZXJpbmcxHjAcBgNVBAMTFUNl
cnRpZmljYXRlIEF1dGhvcml0eTEjMCEGCSqGSIb3DQEJARYUd2ZlaWNrQG1hcmts
b2dpYy5jb22CCQCKeETPPi5K9zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
A4GBAA8/lJQK6NmHFvP85LS3Sdfnd9D9opDeehqv4LfoFWxHMiKsxSA7hrYRs6u9
qQxCED54UfB1+kjs2GrM4H1uWeeHADdUKDRVHcivCVqWP4GUD2r0upKj8C3UD46V
aNHLW0yW7Anf4DMBsfhvKfIopBDoP6NPbDith5RtmM98N8xn
-----END CERTIFICATE-----"
 
return xdmp:x509-certificate-extract($cert)

=>

<cert>
  <version>2</version>
  <serialNumber>8A7844CF3E2E4AF7</serialNumber>
  <signatureType>sha1WithRSAEncryption</signatureType>
  <issuer>
    <countryName>US</countryName>
    <stateOrProvinceName>California</stateOrProvinceName>
    <localityName>San Carlos</localityName>
    <organizationName>MarkLogic</organizationName>
    <organizationalUnitName>Engineering</organizationalUnitName>
    <commonName>Certificate Authority</commonName>
    <emailAddress>me@marklogic.com</emailAddress>
  </issuer>
  <validity>
    <notBefore>2008-12-03T01:27:49Z</notBefore>
    <notAfter>2009-12-03T01:27:49Z</notAfter>
  </validity>
  <subject>
    <countryName>US</countryName>
    <stateOrProvinceName>California</stateOrProvinceName>
    <localityName>San Carlos</localityName>
    <organizationName>MarkLogic</organizationName>
    <organizationalUnitName>Engineering</organizationalUnitName>
    <commonName>Certificate Authority</commonName>
    <emailAddress>me@marklogic.com</emailAddress>
  </subject>
  <publicKey>-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnauIbA33nIH8IpiUyWA9sB/X3
d8DU8cKbEes1dk6xX3mFfMWja56DvkPFaX9/voSbeG1E92d2Y518xvjgoR8okf2r
kDI35nqA9ejcuC0wg0tXuh5OSVfrUpzVSwbCy55fweaVzkKC2TZXgOy5JeNbw+i/
UohTLW2TPwQ4rpynPwIDAQAB
-----END PUBLIC KEY-----
</publicKey>
  <v3ext>
    <subjectKeyIdentifier critical="false">B6:36:CF:83:D7:ED:F5:98:E3:B8:11:84:6A:55:24:12:09:A6:E7:D8</subjectKeyIdentifier>
    <authorityKeyIdentifier critical="false">keyid:B6:36:CF:83:D7:ED:F5:98:E3:B8:11:84:6A:55:24:12:09:A6:E7:D8
DirName:/C=US/ST=California/L=San Carlos/O=MarkLogic/OU=Engineering/CN=Certificate Authority/emailAddress=me@marklogic.com
serial:8A:78:44:CF:3E:2E:4A:F7
</authorityKeyIdentifier>
    <basicConstraints critical="false">CA:TRUE</basicConstraints>
  </v3ext>
</cert>