7.5 Managing Application Attributes

Application attributes apply to an entire application. Once you create an application, you can review and possibly update application attributes.

• Editing the Application Attributes

• Configuring Security Attributes

• Configuring Globalization Attributes

• Managing the Application User Interface

See Also:

"How to Create a Custom Packaged Application" for information on using the Supporting Objects utility to create a packaged application

7.5.1 Editing the Application Attributes

This section describes how to edit application attributes (also known as the application definition). Common attributes you may want to edit include the application name, application availability, and defined substitution strings.

• Accessing the Edit Application Definition Page

• Edit Application Definition Page

7.5.1.1 Accessing the Edit Application Definition Page

You edit application attributes on the Edit Application Definition page.

To edit the application definition:

1. On the Workspace home page, click the Application Builder icon.

2. Select an application.

3. Click the Edit Application Properties button to the right of the application name.

   
   Description of the illustration ''edit_app_prop.png''
   
   

   The Edit Application Definition page appears.

7.5.1.2 Edit Application Definition Page

The following sections describe regions and attributes on the Edit Application Definition page. In addition to the attributes described here, the Edit Application Definition page displays defined build options, the associated theme, template defaults, and component defaults. Required values are marked with a red asterisk (*).

• Name

• Properties

• Availability

• Error Handling

• Global Notification

• Substitutions

• Build Options

7.5.1.2.1 Name

Use Name attributes to define basic characteristics of your application, including the application name, an optional alphanumeric alias, and a version number. Table 7-2 describes all Name attributes.

Table 7-2 Application Definition, Name

Attribute	Description
Name	Provides a short descriptive name for the application to distinguish it from other applications in your development environment.
Application Alias	Assigns an alternate alphanumeric application identifier. You can use this identifier for the application ID. For example, suppose you create an alias of myapp for application 105. Using f?p syntax, you could call application 105 as either: f?p=105:1 f?p=myapp:1 See Also: "About Using f?p Syntax to Link Pages"
Version	Includes the application's version number on a page. You can also automatically tie the version to the date of last modification using the following format masks: YYYY.MM.DD MM.DD.YYYY DD.MM.YYYY If your application version uses YYYY.MM.DD, then Application Builder replaces this format mask with the date of last modification of any application attribute.
Application Group	Displays the application group currently associated with this application. To select another application group, make a selection from the list. To remove an application from an existing group, select Unassigned. See Also: "Managing Application Groups"

7.5.1.2.2 Properties

Use the Properties section to enable the following attributes: logging, debugging, exact substitutions, application group, feedback, and default error display location. Table 7-3 describes all Name attributes.

Table 7-3 Application Definition, Properties

Attribute	Description
Logging	Determines whether user activity is recorded in the Oracle Application Express activity log. When set to Yes, every page view is logged, enabling an administrator to monitor user activity for each application. Disabling logging may be advisable for high volume applications. This attribute can only be modified if the Application Activity Logging attribute in Oracle Application Express Administration Services is set to Use Application Setting. See Also: "Enabling Application Activity" in Logging in Oracle Application Express Administration Guide.
Debugging	Controls debug mode for the current application. Available options include: Yes - Enables the application to run in a debug mode. No - Prevents end users from running an application in debug mode. Running an application in debug mode is useful when an application is under development. However, for a production application, it is a good idea to disable debugging and thus obfuscate application logic.
Allow Feedback	Enables support for end user feedback for this application. Select Yes or No. If enable this option, you must create a feedback page and navigation bar icon to call that page. If you later disable feedback, the navigation bar icon is hidden. See Also: "Managing Feedback"
Compatibility Mode	This attribute controls the compatibility mode of the Application Express runtime engine. Certain runtime behaviors are changed from release to release. Use this attribute to obtain specific application behavior. To realize new behavior in an application, set the compatibility mode of the application to the current version.
Application Email from Address	Determines the email address to use as the from address in the application. Enter a valid email address to use as the from address when sending email from an email download or subscription. The value can be a literal string containing a valid email or a static substitution reference defined in the application using substitution syntax APP_EMAIL. Examples: john.doe@abc.com &MY_APP_EMAIL_FROM. Oracle does not recommend using an item substitution at the application or page-level since it only works in email download, but not for subscriptions. You can also specify the from address on the Interactive Report Attributes page. See "Editing Classic Report Attributes in Component View."
Proxy Server	Use this field to specify a proxy server. For example, you may require a proxy server when using a region source type of URL. The URL region source embeds the results of the URL (that is, the page returned by navigating to the URL) as the region source. If you use a firewall and the target of a URL is outside the firewall relative to Application Builder, you may need to specify a proxy server. You can reference values entered into this field from PL/SQL using the PL/SQL package variable APEX_APPLICATION.G_PROXY_SERVER.

7.5.1.2.3 Availability

Use Availability attributes to manage your application by defining an application status and build status. For example, if you select the status Restricted Access, you can specify which users have access and can run the application. To learn more, see Table 7-4.

Table 7-4 Application Definition, Availability

Attribute	Description
Status	Specifies whether the application is available or unavailable for use. Options include: Available - Application is available with no restrictions. Available with Developer Toolbar - Application is available for use. For developers, the Developer Toolbar displays on each page. Requires the developer to be logged in to the Application Builder in the same browser session. Available to Developers Only - Application is available to users having developer privileges. Restricted Access - Application is available to developers named in the Restrict to comma separated user list. Unavailable - Application cannot be run or edited. The message in Message for unavailable application displays when users attempt to access the application. Unavailable (Status Shown with PL/SQL) - Application cannot be run or edited. Unavailable (Redirect to URL) - Application cannot be run. The user is linked to the URL entered in Message for unavailable application. See Also: "Changing Build Status for Multiple Applications" in Oracle Application Express Administration Guide, "Changing Application Build Status Set During Deployment" in Oracle Application Express Administration Guide, and "Controlling Access to Applications, Pages, and Page Components"
Build Status	Identifies the build status of the current application. Options include: Run and Build Application - Developers and users can both run and develop the application. Run Application Only - Users can only run the application. This option is intended for applications in a production instance. See Also: "Changing Application Build Status Set During Deployment" in Oracle Application Express Administration Guide
Message for unavailable application	Use this attribute with Status. If you set Status to Unavailable, Unavailable (Status Shown with PL/SQL), or Unavailable (Redirect to URL), the text you enter in this attribute displays. If you set Status to Available, the text you enter in this attribute does not display.
Restrict to comma separated user list (status must equal Restricted Access)	Use this attribute with the Status Restricted Access. If you set Status to Restricted Access, only the users listed in this attribute can run the application. To use this attribute: From the Status list, select Restricted Access. Enter a comma-delimited list of users who can run the application in the field provided.

7.5.1.2.4 Error Handling

Use the Error Handling attributes described in Table 7-5 to control or modify how an application logs errors.

Tip:

Error handling functions specified here are overridden by similar page-level attributes.

Table 7-5 Application Definition, Error Handling

Attribute	Description
Default Error Display Location	Identifies where the validation error messages display for basic validations performed by Application Express or by plug-ins. Validation error messages can display in a notification area (defined as part of the page template), or within the field label. Options include: Inline with Field and in Notification - Error messages display in a notification area defined as part of the page template. Inline with Field - Error messages display within the field label. Inline in Notification - Displays in the #NOTIFICATION_MESSAGE# template substitution string when an error occurs on the page.
Error Handling Function	Enter the name of a PL/SQL error function to be called to modify the existing error message and display a more user-friendly message or log the error if one occurs. This function can reference a package function or standalone function in the database. For example: log_apex_error When referencing a database PL/SQL package or standalone function, use the #OWNER# substitution string to reference the parsing schema of the current application. For example: #OWNER#.log_apex_error You must implement error handling functions using the syntax described in the apex_error package. function <name of function> ( p_error in apex_error.t_error ) return apex_error.t_error_result See Also: apex_error in Oracle Application Express API Reference Note: Error handling specified at the page-level overwrites any error handling function specified here.

7.5.1.2.5 Global Notification

Use the Global Notification attribute to communicate system status to application users. For example, you can use this attribute to notify users of scheduled downtime, or communicate other messages regarding application availability. If the page templates used in your application contain the #GLOBAL_NOTIFICATION# substitution string, the text entered here displays in that string's place.

To create a global notification:

1. Include the #GLOBAL_NOTIFICATION# substitution string in your page template.

2. Navigate to the Edit Application Definition page and enter a message in the Global Notification attribute.

3. Click Apply Changes.

See Also:

"Understanding Substitution Strings" and "Page Templates"

7.5.1.2.6 Substitutions

Use Substitutions section to define static substitution strings for your application. You can use static substitution string for phrases or labels that occur in many places within an application. To create a substitution string, enter the string name in the Substitution String column and the string value in the Substitution Value column.

Defining static substitution strings centrally enables you to change text strings in multiple places in your application by making a single change to the Substitution Value defined on this page.

See Also:

"Understanding Substitution Strings"

7.5.1.2.7 Build Options

The Build Options section displays existing build options. Most applications have a build option attribute. Build Options have two possible values: INCLUDE and EXCLUDE. If you specify an attribute to be included, then the Application Express engine considers it at runtime. However, if you specify an attribute to be excluded, then the Application Express engine treats it as if it did not exist.

Do not specify a build option unless you plan to exclude that object from specific installations.

See Also:

"Using Build Options to Control Configuration"

7.5.2 Configuring Security Attributes

You can configure security for your application by configuring attributes on the Edit Security Attributes page. The Security Attributes you choose apply to all pages within an application.

• Accessing the Edit Security Attributes Page

• Security Attributes Page

See Also:

"Managing Application Security"

7.5.2.1 Accessing the Edit Security Attributes Page

To access the Edit Security Attributes page:

1. On the Workspace home page, click the Application Builder icon.

2. Select an application.

3. Click Shared Components.

   The Shared Components page appears.

4. Under Security, click Security Attributes.

   The Edit Security Attributes page appears.

   The Edit Security Attributes page is divided into sections. When you select a tab at the top of the page, the selected section appears and all other sections are temporarily hidden. To view all sections of the page, click Show All.

Tip:

You can also access to the Edit Security Attributes by navigating to the Edit Application Definition and then clicking the Security tab. See "Accessing the Edit Application Definition Page."

7.5.2.2 Security Attributes Page

The following sections describe regions and attributes on the Edit Security Attributes page.

• Authentication

• Authorization

• Session Management

• Session State Protection

• Browser Security

• Database Session

7.5.2.2.1 Authentication

Authentication is the process of establishing users' identities before they can access an application. Although you can define multiple authentication schemes for your application, only one scheme can be current at a time. Table 7-6 describes the attributes available under Authentication.

Table 7-6 Authentication Attributes

Attribute	Descriptions
Public User	Identifies the Oracle schema used to connect to the database through the Database Access Descriptor (DAD). The default value is ANONYMOUS in environments where the database server version is Oracle Database Express Edition and it is APEX_PUBLIC_USER for all other versions of the database server. Once a user has been identified, the Application Express engine keeps track of each user by setting the value of the built-in substitution string APP_USER. Note: Previous versions of Oracle Application Express used the built-in substitution string HTMLDB_PUBLIC_USER. When APP_USER equals this value, the Application Express engine considers the current session to be a public user session. The Application Express engine supports the following built-in display conditions: USER_IS_PUBLIC_USER USER_IS_NOT_PUBLIC_USER If the current application user (APP_USER) equals the value of this attribute, then the user is logged on as a public user. Some applications have public (not logged in) and private (logged in) modes. By determining if the user is the public user, you can conditionally display or hide information. For example, you can show a login button if the user is the public user and a logout link if the user is not a public user. Reference this value using APEX_APPLICATION.G_PUBLIC_USER. The Application Express engine also has built in condition types USER_IS_PUBLIC_USER and USER_IS_NOT_PUBLIC. See Also: "HOME_LINK" and "Understanding Conditional Rendering and Processing"
Authentication Scheme	Select from the authentication schemes defined for the application. To create an authentication scheme, click Define Authentication Schemes. See Also: "How Authentication Works" and "Creating an Authentication Scheme"

7.5.2.2.2 Authorization

Authorization controls user access to specific controls or components based on user privileges. Table 7-7 describes the attributes available under Authorization.

Table 7-7 Authorization Attributes

Attribute	Descriptions
Authorization Scheme	Make a selection from this list to specify an authorization scheme for your application. For example, if you only want company employees to be able to log in to an application you could define an authorization scheme that is true if the users email address ends in '@somecompany.com' and then select that authorization scheme for this option.You can assign only one authorization scheme to an entire application. However, you can assign an authorization scheme to individual pages, page controls (such as a region, a button, or an item), or a shared component (such as a menu, a list, or a tab).
Define Authorization Schemes	Click Define Authorization Schemes to create an authorization scheme.
Run on Public Pages	Use Run on Public Pages to control whether the application-level authorization scheme is checked on public pages (that is, pages that do not require authorization). Options include: Yes - If you select Yes and the page is public, the application authorization is checked. No - If you select No and the page is public, the application authorization is ignored. Application-level authorization is never evaluated on the login page (independent of Run on Public Pages), because authorizations typically are dependent on the username.

See Also:

"Attaching an Authorization Scheme to an Application"

7.5.2.2.3 Session Management

Use Session Timeout attributes to reduce exposure to abandoned computers with an open web browser by application. Table 7-8 describes the attributes available under Session Timeout.

Table 7-8 Session Management

Attribute	Descriptions
Rejoin Sessions	The Rejoin Sessions attribute control if Application Express should support application URLs that do not contain session IDs. When rejoin sessions is enabled, Application Express attempts to use the session cookie to join an existing session, when a URL does not contain a session ID. A more restrictive instance-level setting overrides this page level value. Note: Enabling rejoin sessions exposes your application to possible security breaches, as it can enable attackers to take over existing end user sessions. See "About Rejoin Sessions." Rejoin Sessions options include: Disabled - If the URL does not contain a session ID Application Express creates a new session. Enabled for Public Sessions - If the URL goes to a public page and does not contain a session ID, Application Express attempts to utilize the existing session cookie established for that application. Application Express only joins using the cookie when the session is not yet authenticated. Enabled for All Sessions - If the URL does not contain a session ID, Application Express attempts to utilize the existing session cookie established for that application, providing the following conditions are met: Session State Protection is enabled for the application and the URL includes a valid checksum. For public bookmarks, the most restrictive item level protection must be either Unrestricted or Checksum Required - Application Level. OR, the URL does not contain payload (a request parameter, clear cache or data value pairs). This option requires that Embed In Frames be set to Allow from same origin or Deny. This is not tied to a condition about the URL payload, but also applies to session state protected URLs.
Deep Linking	Use this attribute to enable or prevent deep linking to an application. Options include: Enabled - The URL to a specific page ultimately redirects there, possibly after the user has logged in. Disabled - If the URL does not contain a valid session ID, Application Express starts a new session and redirects to the application's home page. For example, browsers often save the URLs of opened tabs and try to restore the sessions after a restart, causing a deep link. This behavior may be undesirable (for example if a URL points to a page in the middle of a multi-step wizard). By selecting Disable, Application Express starts a new session and redirects to the application's home page. See Also: "Security" to learn more about overriding this behavior at the page-level.
Maximum Session Length in Seconds	Enter a positive integer to control how many seconds a session exists and should be used by this application. Leave the value null to revert the value to the instance level setting. Enter 0 to have the session exist indefinitely. The session duration may be superseded by the operation of the job that runs every eight hours which deletes sessions older than 12 hours.
Session Timeout URL	Enter an optional URL to redirect to when the maximum session lifetime has been exceeded. The target page in this URL, if implemented in Application Express, should be a public page. A common use for this page would be to inform the user of the session expiration and to present a login link or other options. If no URL is supplied, the user is redirected to the application home page. Only three substitution items are supported: &APP_SESSION. &SESSION. &APP_ID. Because of the particular purpose of this URL. it is not necessary to include either &APP_SESSION. or &SESSION. in the link.
Maximum Session Idle Time in Seconds	Enter a positive integer to control the seconds of inactivity or idle time for sessions used by this application. The idle time is the time between one page request and the next one. Leave the value null to revert the value to the instance level setting. Set to 0 to prevent session idle time checks from being performed.
Session Idle Timeout URL	Enter an optional URL to be redirected to when the maximum session idle time has been exceeded. The target page in this URL, if implemented in Application Express, should be a public page. A common use for this page would be to inform the user of the session timeout and to present a login link or other options. If no URL is supplied, the user is redirected to the application home page. Only three substitution items are supported in this URL: &APP_SESSION. &SESSION. &APP_ID. It is not necessary to include either &APP_SESSION. or &SESSION. in the link.

See Also:

"About Utilizing Session Timeout" and "Configuring Session Timeout" in Oracle Application Express Administration Guide

7.5.2.2.4 Session State Protection

Enabling Session State Protection can prevent hackers from tampering with URLs within your application. URL tampering can adversely affect program logic, session state contents, and information privacy. Table 7-9 describes the attributes available under Session State Protection.

Table 7-9 Session State Protection

Attribute	Descriptions
Session State Protection	Make a selection from the Session State Protection list, to enable or disable Session State Protection for your application. Selecting Enabled turns on session state protection controls defined at the page and item level.
Allows URLS Created After	Lists the date and time after which bookmarked links are usable to access pages in this application if the bookmarked link contains a checksum and Session State Protection is enabled for the application. Bookmarks created before this date and time are not usable to access this application if the bookmarked link contains a checksum and Session State Protection is enabled for the application. Bookmarks that do not contain checksums or bookmarks that contain checksums that are unnecessary are not affected by this attribute. Their usability is determined using other criteria. A hidden application attribute (a checksum salt) is used during the computation and later verification of checksums included in f?p= URLs generated during page rendering. Checksums are included when Session State Protection is enabled for the application. You can reset this checksum salt attribute at any time by clicking the Expire Bookmarks button.
Bookmark Hash Function	Used to create checksums for application level and user level checksums in bookmarkable URLs.
Expire Bookmarks	Click Expire Bookmarks to reset this hidden application attribute (a checksum salt) salt attribute at any time. Clicking this button causes any bookmarked URLs that contain previously generated checksums to fail when they are subsequently used to access the application. Tip: You can also click Expire Bookmarks to change the Bookmark Hash Function to switch to a different algorithm for computing checksums.
Manage Session State Protection	Click Manage Session State Protection to configure Session State Protection.

See Also:

"Understanding Session State Protection"

7.5.2.2.5 Browser Security

Table 7-10 describes the attributes available under Browser Security.

Table 7-10 Browser Security

Attribute	Descriptions
Cache	Use Cache to enable or disable browser caching of application page contents. If enabled, the browser saves the contents of pages for this application in its cache, both in memory and on disk. Typically when caching is enabled and the browser back button is clicked, the page is loaded from the cache instead of from the server. If disabled, the browser is instructed not to save application page contents and requests the latest page content from the server whenever the URL changes. To avoid the possibility of saving sensitive data, Oracle recommends that this attribute be disabled. Otherwise, it is possible to go back in the browser history after a logout and see cached content from a previous session. Disabling the browser cache also prevents issues with pages that use partial page refreshes, such as is the case with interactive reports. If this attribute is set to Disabled, Application Express sends the HTTP header cache-control: no-store which instructs the browser to not cache the page contents on disk or in memory. Note that this feature requires modern browsers that support the HTTP header response variable cache-control.
Embed in Frames	Controls if a browser may display your application's pages within a frame. Available options include: Deny - The page cannot be displayed in a frame, regardless of the site attempting to do so. Allow from same origin - The page can only be displayed in a frame on the same origin as the page itself. Allow - The page can be displayed in any frame. Displaying pages within frames can be misused with "clickjacking" attacks. In a clickjacking attack the attacker uses multiple layers to trick a user into clicking a button or link on another page when they were intending to click the top level page. Thus, the attacker is hijacking clicks (or keystrokes) meant for their page and routing them to another page.
HTML Escaping Mode	Defines how Oracle Application Express escapes special characters. Options include: Basic: Escape &, ", < and > Extended: Escape &, ", <, >, ', / and non-ASCII characters if the database character set is not AL32UTF8
HTTP Response Headers	Enter additional application specific HTTP headers that Oracle Application Express should send on each response and that it does not support in another way (for example, X-Frame-Options using the Embed in Frames attribute). Example: X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff

Tip:

Both Cache and Embed in Frames require modern browsers that support the HTTP header response variable X-Frame-Options.

7.5.2.2.6 Database Session

Table 7-11 describes the attributes available under Database Session.

Table 7-11 Database Session

Attribute	Descriptions
Parsing Schema	Specifies the schema that all SQL and PL/SQL in the application will be parsed as. You may use #OWNER# to reference this value in SQL queries and PL/SQL (for example, in a region or a process).
Initialization PL/SQL Cod	Use this attribute to enter a PL/SQL block that sets a context for the database session associated with the current "show page" or "accept page" request. The block you enter here is executed at a very early point during the page request, immediately after the APP_USER value is established. The value of APP_USER (using :APP_USER or v('APP_USER')) may be used within the block. Values of other items in session state may be referenced as well, but any such items must have been established in session state before the initiation of the current page request. To view examples, see field-level Help.
Cleanup PL/SQL Code	Use this attribute to enter a PL/SQL block that runs at the end of page processing. It can be used to free or clean up resources that were used, like VPD contexts or database links. To view examples, see field-level Help.
Runtime API Usage	Control how this application can access Oracle Application Express APIs that modify applications and workspace data, while it is running. Options include: Modify This Application: The application can modify itself. Modify Other Applications: The application can change other applications in the workspace. Modify Workspace Repository: The application can change workspace users and groups.

See Also:

"Providing Security Through Authorization" and Oracle Label Security Administrator's Guide

7.5.3 Configuring Globalization Attributes

In Application Builder you can develop applications that can run concurrently in different languages. A single application can be translated to support different languages. Use the attributes on the Edit Globalization Attributes page to specify globalization options such as the primary application language.

• Accessing the Globalization Attributes Page

• Edit Globalization Attributes Page

See Also:

"Managing Application Globalization"

7.5.3.1 Accessing the Globalization Attributes Page

To access the Edit Globalization Attributes page:

1. On the Workspace home page, click the Application Builder icon.

2. Select an application.

   The Application home page appears.

3. Click Shared Components.

   The Shared Components page appears.

4. Under Globalization, click Globalization Attributes.

   The Edit Globalization Attributes page appears.

Tip:

You can also access to the Edit Globalization Attributes page by navigating to the Edit Application Definition and then clicking the Globalization tab. See "Accessing the Edit Application Definition Page."

7.5.3.2 Edit Globalization Attributes Page

The following sections describe the attributes available on the Edit Globalization Attributes page.

• Application Primary Language

• Application Language Derived From

• Application Date Format

• Application Date Time Format

• Application Timestamp Format

• Application Timestamp Time Zone Format

• Character Value Comparison

• Character Value Comparison Behavior

• Automatic Time Zone

• Automatic CSV Encoding

See Also:

"Specifying the Primary Language for an Application"

7.5.3.2.1 Application Primary Language

Identifies the language in which an application is developed. This language is the base language from which all translations are made. For example, suppose application 100 was authored in English, translated into French, and published as application 101. English would be the Application Primary Language.

All modifications to the application should be made to the primary language specified here.

7.5.3.2.2 Application Language Derived From

Determines how Application Builder determines or derives the application language.

The application primary language can be static, derived from the web browser language, or determined from a user preference or item. The database language setting also determines how the date is displayed and how certain information is sorted.

This option enables you to disable browser derived language support. You also have the option of having the application language derived from an application preference. To learn more, see Field-level Help.

7.5.3.2.3 Application Date Format

Determines the date format to be used in the application.

Use this date format to alter the NLS_DATE_FORMAT database session setting before showing or submitting any page in the application. This value can be a literal string containing a valid Oracle date format mask or an item reference using substitution syntax. If no value is specified, the default date format is derived from the database session at runtime. Consider the following examples:

Month DD, YYYY
&MY_DATE_FORMAT.

7.5.3.2.4 Application Date Time Format

Specify the date time format to be used in the application.

This date time format can be referenced in an application using the substitution reference &APP_DATE_TIME_FORMAT., or in PL/SQL using the function v('APP_DATE_TIME_FORMAT'). This attribute does not alter any NLS settings. This value can be a literal string containing a valid Oracle date format mask or an item reference using substitution syntax. If this attribute value is not specified, then a reference to APP_DATE_TIME_FORMAT returns the NLS database session date format and the NLS time format. Consider the following examples:

Month DD, RRRR HH24:MI
&MY_DATE_TIME_FORMAT.

7.5.3.2.5 Application Timestamp Format

Determines the timestamp format to be used in the application. Select a timestamp format from the list of values.

Use this timestamp format to alter the NLS_TIMESTAMP_FORMAT database session setting before showing or submitting any page in the application. This value can be a literal string containing a valid Oracle timestamp format mask or an item reference using substitution syntax. If no value is specified, the default timestamp format is derived from the database session at runtime. Consider the following examples:

DD-MON-RR HH.MI.SSXFF AM
&MY_TIMESTAMP_FORMAT.

7.5.3.2.6 Application Timestamp Time Zone Format

Determines the timestamp with time zone format to be used in the application.

Use this date format to alter the NLS_TIMESTAMP_TZ_FORMAT database session setting before showing or submitting any page in the application. This value can be a literal string containing a valid Oracle timestamp with time zone format mask or an item reference using substitution syntax. If no value is specified, the default timestamp with time zone format is derived from the database session at runtime. Consider the following examples:

DD-MON-RR HH.MI.SSXFF AM TZR
&MY_TIMESTAMP_TZ_FORMAT.

7.5.3.2.7 Character Value Comparison

Determines the collating sequence for character value comparison in various SQL operations and clauses, for example, ORDER BY, LIKE, MIN/MAX.

Use this value to alter NLS_SORT database session parameter for the execution of SQL queries in classic report and interactive report regions. If no value is specified, the default value is derived from the database session at runtime. Consider the following examples:

BINARY
GERMAN
CANADIAN_M

7.5.3.2.8 Character Value Comparison Behavior

Determines the collation behavior of SQL operations, for example, LIKE, MIN/MAX.

Use this value to alter the NLS_COMP database session parameter for the execution of SQL queries in classic report and interactive report regions. Options include:

• Database session NLS setting (default) - The NLS_COMP value is derived from the database session at runtime.

• Binary - Comparisons in WHERE clauses and other SQL operations are binary.

• Linguistic - Comparisons in WHERE clauses and other SQL operations use the linguistic sort specified in the Character Value Comparison attribute (NLS_SORT).

7.5.3.2.9 Automatic Time Zone

Controls the setting of the database session time zone. When set to Yes, the client time zone is derived from the client's web browser and set for the duration of the Application Express session.

Subsequent page views have the database session time zone set properly per page view. Once set, this setting can be overridden using APEX_UTIL.SET_SESSION_TIME_ZONE, or reset using APEX_UTIL.RESET_SESSION_TIME_ZONE.

See Also:

Oracle Application Express API Reference

7.5.3.2.10 Automatic CSV Encoding

Automatic CSV Encoding controls the encoding of all comma-delimited (CSV) report output in an application. The default value for Automatic CSV Encoding is Yes. When Automatic CSV Encoding is set to Yes, CSV report output is converted to a character set compatible with localized desktop applications. The character set for the CSV encoding is determined by the Application Language Derived From setting.

The encoding of pages in Application Builder is determined by the character set of the Database Access Descriptor (DAD) used to access Oracle Application Express. For example, if the character set of the Database Access Descriptor is AL32UTF8, all pages in all applications in the Oracle Application Express user interface are encoded in UTF-8.

By default, the CSV output from report regions is encoded in the same character set as the Database Access Descriptor. However, some desktop spreadsheet applications require that the data is encoded in the client desktop operating system character set. In the case of multibyte data, the CSV output from report regions often appears corrupted when opened by a desktop spreadsheet application. This is because the CSV output from report regions is encoded differently than what is required by the desktop application. Enabling Automatic CSV Encoding resolves this issue.

For example, if the user's language preference for an application is de, the CSV data is encoded in Western European Windows 1252, regardless of the Database Access Descriptor character set setting. If the user's language preference is zh-cn, the CSV data is encoded in Chinese GBK.

7.5.4 Managing the Application User Interface

When you create a database application you select a user interface. The application user interface (such as Desktop or Mobile) determines default characteristics of the application and optimizes the display for the target environment. You can customize the user interface by editing attributes on the User Interface and User Interface Details page.

• Accessing User Interface Attributes

• User Interface Page

• Defining an Application Logo

• Creating a New User Interface

• User Interface Details Page

7.5.4.1 Accessing User Interface Attributes

To access user interface attributes:

1. On the Workspace home page, click the Application Builder icon.

2. Select an application.

   The Application home page appears.

3. Click Shared Components.

   The Shared Components page appears.

4. Under User Interface, click User Interface Attributes.

   The User Interface Attributes page appears. To learn more, see "User Interface Page."

5. To edit attributes for a specific user interface, scroll down to User Interfaces and select a specific user interface.

   The User Interface Details page appears. To learn more, see "User Interface Details Page."

Tip:

You can also access to User Interface attributes by navigating to the Edit Application Definition and then clicking the User Interface tab. See "Accessing the Edit Application Definition Page."

7.5.4.2 User Interface Page

This section describe the sections and attributes available on the User Interface page.

• General Properties

• Logo

• User Interface Detection

• User Interfaces

See Also:

"Accessing User Interface Attributes"

Tip:

To learn more about the attributes on this page, see field-level Help. See "Viewing Field-Level Help."

7.5.4.2.1 General Properties

Use General Properties to define basic characteristics of the application user interface. Table 7-12 describes all General Properties attributes.

Table 7-12 User Interface, General Properties

Attribute	Description
Static File Prefix	Determines the virtual path the web server uses to point to the static files of the application. Use this attribute to centrally change where static application files should be loaded from without changing all file references in an application. For example, you can use this attribute to point to a directory on the web server to avoid having to load files from the database and improve application performance. If you specify a Static File Prefix, the substitution string #APP_IMAGES# returns that value. For example, you could enter a valid URL to reference them: /myFiles/ http://contentDeveliveryNetwork.com/myFiles/ If you do not specify a Static File Prefix, the substitution string #APP_IMAGES# returns a URL to reference files from Shared Components, Static Files which will load the files from the database. Tip: Do not use this attribute to reference files which are stored with your application definition in the database.
Image Prefix	Determines the virtual path the web server uses to point to the images directory distributed with Application Builder. During installation, the virtual path is configured as /i/. When embedding an image in static text (for example, in page or region headers or footers), you can reference an image using the substitution string #IMAGE_PREFIX#. For example, to reference the image go.gif, you would use the following syntax: <img src="#IMAGE_PREFIX#go.gif"> See Also: "IMAGE_PREFIX"
Media Type	Enter the Internet Media Type. An Internet Media Type is two-part identifier for file formats on the Internet. A Media Type is composed of at least two parts: a type, a subtype, and one or more optional parameters. This Media Type is used in the Content-Type HTTP header when rendering the page. The page-level Media Type overrides the application-level Media Type. The default value for this attribute is NULL. If both the page-level and application-level values for Media Type are NULL, the Media Type text/html is used.

7.5.4.2.2 Logo

Use Logo attributes to define an application logo. An application logo can be text-based or image-based. To use this feature, your page template must include the #LOGO# substitution string.

See Also:

"Defining an Application Logo"

7.5.4.2.3 User Interface Detection

Enter CSS file URLs for style sheets that should load when Oracle Application Express displays the available user interfaces, when automatic detection fails. Each URL has to be written on a new line. If you provide a minified version of your file you can use the substitution string #MIN# to include .min in your file URL for a regular page view and an empty string if the page is viewed in debug mode. You also have access to the substitution string #APP_VERSION# to include the application's version in the file URL. If you do not enter any URLs, Oracle Application Express uses a default style sheet.

To view examples, see field-level Help.

7.5.4.2.4 User Interfaces

Displays user interfaces defined for the current application. To edit an existing user interface, click the user interface name. To add a new user interface, click Add New User Interface.

See Also:

"Accessing User Interface Attributes," "Creating a New User Interface," and "User Interface Details Page"

7.5.4.3 Defining an Application Logo

To define an application logo:

1. Access the User Interface page. See "Accessing User Interface Attributes."

   Next, specify the logo attributes.

2. If the logo is an image:

   1. Logo Type - Select Image.

   2. Logo - Enter the complete image name, including the file name extension (for example, /i/oracle.gif) or a fully qualified URL if you a referencing the image.

      You can reference an image uploaded to the static file repository using a substitution string. To learn more, see "About Referencing Static Application Files" and "About Referencing Static Workspace Files."

   3. Logo Attributes - Enter the appropriate attributes for the logo or make a selection from the list.

3. If the logo is text:

   1. Logo Type - Select Text.

   2. Logo - Enter the full text string, for example:

      Sample Application

   3. Logo Attributes - Enter the appropriate attributes for the logo or make a selection from the list.

4. Click Apply Changes.

See Also:

"Managing Static Application Files," "Managing Static Workspace Files," "Creating Custom Themes," and "Page Templates"

7.5.4.4 Creating a New User Interface

To add a new user interface:

1. Navigate to the User Interface page. See "Accessing User Interface Attributes."

2. Scroll down to User Interfaces and click Add New User Interface.

3. Follow the on-screen instructions.

   To learn more about an attribute, see field-level Help. See "Viewing Field-Level Help."

4. Confirm your selections and click Create.

See Also:

"Accessing User Interface Attributes" and "User Interface Details Page"

7.5.4.5 User Interface Details Page

This section describes the sections and attributes available on the User Interface Details page.

• Identification

• Attributes

• Navigation Bar

• JavaScript

• Cascading Style Sheets

• Concatenated Files

See Also:

"Accessing User Interface Attributes" to learn how to access the User Interface Details page.

Tip:

To learn more about the attributes on this page, see field-level Help. See "Viewing Field-Level Help."

7.5.4.5.1 Identification

Table 7-13 describes all attributes under User Interface Details, Identification.

Table 7-13 User Interface Details, Identification

Attribute	Description
User Interface Type	Displays the selected interface type. A Desktop user interface is used for applications primarily designed for desktop use. A Mobile user interface is used for applications primarily designed for use on smartphones and tablets.
Display Name	Specify a display name for the user interface. The display names is shown in wizards, such as the create theme wizard.
Sequence	Specify the display sequence for the user interface.

7.5.4.5.2 Attributes

Table 7-14 describes all attributes under User Interface Details, Attributes.

Table 7-14 User Interface Details, Attributes

Attribute	Description
Auto Detect	Select whether the user interface should be automatically detected. If auto-detection is enabled, the user will be redirected to the corresponding login page or home page.
Default	Select whether the user interface is the default interface for the application.
Home URL	Specify the home page of the application for the current user interface.
Login URL	Specify the login page of the application for the current user interface.
Theme	Shows the theme currently associated with the user interface. See Also: "Switching Themes"
Theme Style	Select a theme style. This option only displays for newer themes that support theme styles. See Also: "Using Theme Styles"
Global Page	If defined, displays the global page for the application. See Also: "Creating a Global Page to Display Components on Every Page"

7.5.4.5.3 Navigation Bar

Navigation Menu attributes only display with newer themes. Table 7-15 describes Navigation Menu attributes.

Table 7-15 User Interface Details, Navigation Menu

Attribute	Description
Implementation	Select how to you wish to implement the navigation bar in this application. Options include: Classic - Renders the navigation bar as a classic navigation bar in the #NAVIGATION_BAR# position on your page template. List - Renders the navigation bar as a list, using the selected list and list template in the #NAVIGATION_BAR# position on your page template.
Navigation Bar List	Select the list utilized for the navigation menu for the application.
List Template	Select the list template used to render the navigation menu for this application.
Template Options	Set template options for the list template used for the navigation menu list for the application.

7.5.4.5.4 JavaScript

Use the attributes described in Table 7-16 to control or modify how an application handles JavaScript.

Table 7-16 User Interface Details, JavaScript

Attribute	Description
Content Delivery Network	Specify the Content Delivery Network used to load the 3rd party libraries jQuery and jQuery Mobile. Using a Content Delivery Network can reduce the loading time of your application if the user has visited other websites which also use the same content delivery network to load the jQuery files. It is very likely that those calls are still in the browser cache and do not have to be downloaded again. Especially on mobile devices with limited browser caches, this can improve performance because it is not so likely that the files are purged from the cache. Note: The Google and Microsoft Content Delivery Network do not currently host the correct version of the jQuery Mobile library, so selecting either of these will only influence the jQuery library being served from their Content Delivery Network, jQuery Mobile will still be served from your web server.
File URLs	Enter JavaScript file URLs for code to be loaded on every page. Each URL has to be written into a new line. If you provide a minified version of your file, you can use the substitution string #MIN# to include .min or #MIN_DIRECTORY# to include minified/ in your file URL for a regular page view and an empty string if the page is viewed in debug mode. JavaScript file URLs you enter here replaces the #APPLICATION_JAVASCRIPT# substitution string in the page template. Note: You do not need to include opening or closing script tags. Just write the URL. Examples: Standard file reference: /myjs/main.js Standard file reference which loads the minified file main.min.js for regular page views and main.js in Debug mode: /myjs/main#MIN#.js Conditional file for Internet Explorer [if IE]/myjs/ie.js
Include Legacy JavaScript	Specifies if the legacy JavaScript functions are included on every page in the application. If you are confident your application does not contain any references to the legacy functions, set this to No to reduce the overall size of the JavaScript files loaded. To determine what if any deprecated jQuery features are used, run the application with the Browser console log open and look for log messages displayed by jQuery Migrate. See Also: "Legacy JavaScript APIs" in Oracle Application Express API Reference
Include jQuery Migrate	Specifies if the jQuery Migrate plug-in should be included on every page in the application. The plug-in restores deprecated features and behaviors of jQuery so that old JavaScript code and jQuery plug-ins will still run properly with the jQuery version loaded by Application Express. If you are confident your application and any used jQuery plug-in does not contain any references to deprecated jQuery features, set this to No to reduce the overall size of the JavaScript files loaded.

7.5.4.5.5 Cascading Style Sheets

In File URLs, enter Cascading Style Sheet file URLs to be loaded on every page. Each URL has to be written into a new line. If you provide a minified version of your file you can use the substitution string #MIN# to include .min or #MIN_DIRECTORY# to include minified/ in your file URL for a regular page view and an empty string if the page is viewed in debug mode. You also have access to the substitution string #APP_VERSION# if you want to include the application's version in the file URL.

See field-level Help for examples.

7.5.4.5.6 Concatenated Files

Using a concatenated file can increase the performance of loading your page because instead of issuing multiple HTTP requests for each single file, the browser only loads one file. This approach gives you the option to use smaller, more modular files during development and to use a single concatenated file when running the application outside of the Application Express development environment.

To create a concatenated file, click Concatenated File and follow the on-screen instructions. To learn more and view examples, see field-level Help.