Client-side code is executed by the browser. This means that, in many respects, it should be considered to be a polite request only! A technical user can easily undo the setting of a mandatory field that was achieved through a UI Policy or by GlideForm
, as we'll see in this example:
Open the Check-in form in a new window. Do this by typing
x_hotel_check_in.FORM
in the application navigator filter text and pressing enter.Populate the fields as you wish, but ensure you set the Date field to a value in the past. This means the Comments field will be shown and made mandatory.
Because of the UI Policy created earlier in the chapter, if you try to submit the form without a comment, the platform will notice and present an alert box. It won't let you send the data to the instance without filling in the comments.
Now, pretend to be a malicious user. In the address bar of your browser...