TsgcWSAPIKeyManager › Methods › ExtractKeyFromQuery
Parses the Validation.QueryParamName value out of a raw query string.
function ExtractKeyFromQuery(const aQueryString: string): string;| Name | Type | Description |
|---|---|---|
aQueryString | const string | Raw query string (may include a leading ?) or a full URL — anything after the first ? is parsed as name=value&…. |
URL-decoded value of the configured parameter, or an empty string when the parameter is absent or empty. (string)
Low-level parser used as a fallback inside IsRequestAuthorized when no header value is found. Reads the parameter named by Validation.QueryParamName (default api_key) from the supplied query string, honouring standard URL decoding (%XX, + as space). Useful when clients cannot set custom headers (CDN caches, <img> tags, server-side redirects). Prefer the header over the query-string form in production — query-string keys tend to leak into access logs and browser history.
var
vKey: string;
begin
vKey := sgcWSAPIKeyManager1.ExtractKeyFromQuery(Connection.URL);
if vKey = '' then
vKey := sgcWSAPIKeyManager1.ExtractKeyFromHeaders(Connection.HeadersRequest.Text);
end;