Reliable security is critical in web applications. In DataFlex 2021, security has been enhanced by adding automatic validations to security-related web properties to make web applications more secure without code changes. For applications using DataFlex revisions 18.2 through 19.1, we have created a new Redaction Library that allows developers to improve security themselves using techniques similar to the DataFlex 2021 implementation.
The Redaction Library implements a new security layer that removes the vulnerability of hidden and disabled controls within views. By default, the WebApp Framework provides access control at view level, once access to a view is granted the user can access any part of that view. Using the developer tools of the browser hidden controls can be made visible and disabled controls which can expose information and functionality that should have remained inaccessible. To learn more read the Security of DataFlex Web Framework Applications manual.