Skip to main content
Nintex Community Menu Bar

Hi,

I have a rule which calls another form and passes a paramater to it. Problem is, users can see that paramater in the browser URL and change it. Is there anyway of masking a paramater name and id displayed in browser?

Thanks,

Hi Sharpharp

The short answer is, this is not a feature in Nintex Automation on Prem (Old K2).  Unfortunately you will have to work around the problem.

Of the top of my head.

  1. If you have a task form only the user that the task is assigned to can access the task.  So by creating a parameter on the form called SN witch contains the task serial number accessible only by the required user you can read the parameter value through the Open A Worklist Item action and populate a control, SmartObject property or form/view Parameter(It wont show up in the browser URL).
  2. Build your solution to the problem.  Store what users have access to specific information as part of you solution.  Then Create rules that will evaluates the data and treat the situation accordingly.
  3. Underlying security.  If you are using SharePoint SharePoint permission can stop users from accessing information they should not see.  K2 uses OAuth when accessing SharePoint.  

Hope this helps


Hi,

Thanks for your reply, I was able to get around this issue by finding an old post which suggested avoiding parameters altogether and passing the vale to a View instead. -This way, the URL is generic and no additional info is visible.


Reply