There are transactions for reading an HTTP header by name and for getting and setting strongly typed cookies. Cookies may only be created by the declaration form, ensuring that they be named consistently based on module structure. For now, cookie operations are server-side only.
There are also an abstract type and functions for converting to it, based on the policy defined by [allow|deny] url directives in the project file.
raises a runtime error if the string passed to it fails the URL policy.
It is possible to grab the current page's URL or to build a URL for an arbitrary transaction that would also be an acceptable value of a link attribute of the a tag. These are server-side operations.
Page generation may be interrupted at any time with a request to redirect to a particular URL instead.
It's possible for pages to return files of arbitrary MIME types. A file can be input from the user using this data type, along with the form tag. These functions and those described in the following paragraph are server-side.
It is also possible to get HTTP request headers and environment variables, and set HTTP response headers, using abstract types similar to the one for URLs.
A blob can be extracted from a file and returned as the page result. There are bless and check functions for MIME types analogous to those for URLs.