How to stop editing read only fields from browser

Aju Sam
Tera Contributor

‎03-13-2023 02:56 AM

I have created a record producer and have set some fields to read only on field level from the table and to test my problem, I have made one field read-only(Email ID field) using UI policy. The problem is I am able to change the field from read-only to editable in the front end using inspect element, and on submission change is being shown in backend table. That means a user who is restricted to make change to certain fields can make the change using above method. How to prevent this?

AjuSam_0-1678701134904.png

AjuSam_1-1678701264952.pngAjuSam_2-1678701343114.png

I have removed readonly="readonly" from inspect element and editing it was possible.

 

0 Helpfuls
  • 965 Views
3 REPLIES 3

AnveshKumar M
Tera Sage
Tera Sage

‎03-13-2023 05:28 AM

Hi @Aju Sam ,

The best way to prevent this is validating the submitted form in backend processing (record producer script). I follow this to prevent this kind of scenario.

 

Thanks,

Anvesh

Thanks,
Anvesh
0 Helpfuls

SatyakiBose
Mega Sage

‎03-13-2023 06:35 AM

Hi @Aju Sam 

Did you try making it read only using a client script, and then see how it works?

0 Helpfuls

Community Alums
Not applicable

‎03-13-2023 06:47 AM

Use Data policy insted. This will enforce it on DB level.