Edit non editable fields using inspect HTMl from browser
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-21-2023 02:40 AM
When user is creating a request from catalog item, he is able to edit any field in the task by inspecting and changing the value from HTML code for this particular field
The field is read only still he is able to edit the value by changing the value.
Any thoughts on how to prevent this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-21-2023 04:11 AM
Hi @Community Alums,
Do you mean in the catalog item, before the sc_req_item record has been created? Or in the sc_req_item, or sc_task?
Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-21-2023 04:24 AM
In sc_task and sc_req_item
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-21-2023 04:28 AM
Ok,
In that case.. You probably only set the fields as read only with UI Policies, or Client scripts.
This is handled client side, and thus able to manipulate by the client.
If you want to prevent them doing this, you will have to create write ACL's for these fields, so that for example only admin (or another role if applicable) can change these fields.
They may still be able to manipulate it somehow in their browser, but it won't get saved because they do not have the rights for it.
Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.
