Skip to main content
Nintex Community Menu Bar

Workflow REST API: javascript samples.

 

The userid/password is available to the user (right click and "view page source"). What would be the solution that K2 recommends that would work with K2 in order to hide/encrypt those?

 

Thank you.

Hi  @itodocanada;

 

UPDATED**** 

 

1- drag datalable control anywhere on your formview 

 

2- add the following JS as an expression on the datalable:

 

<script type="text/javascript"> $(document).ready(function() 
{
document.getElementsByTagName("input")[12].type = "password"

});</script>

 Change the index according to the control position

 

** to check the number of the <input> tag on your form and determine the position of the password textbox:

 

1- press f12 

2- ctrl + f and look for <input

 

 

3- get to your control, notice that there are17 match and my control is the 13th, the index start from zero which means my control index is 12

 

Source:-https://community.k2.com/t5/General/Hide-textbox-characters-on-smartforms/td-p/78839

 

Alternative:- Not sure how are you calling your .js but 

If you run your code within a browser however, you may have more issues with the POST. The GET method in the browser will also work easily.

The issue with the POST request is that what is required by the K2 API makes it a non 'simple' request.

play around with this two methods.

 

Additional:-

-https://johnnyk2com.wordpress.com/2016/05/23/password-textboxes-in-smartforms/

-https://help.k2.com/onlinehelp/k2cloud/DevRef/current/default.htm#Runtime/WF-REST-API/WF-REST-js.htm

 

Should you find the above information useful, kindly mark such as "Kudo and/or Accepted Solution", to assist other community members.

 

regards;

widson.


Hi Widson,

Where is the expression located at the browser/client level? Is in a javascript file? if the answer is yes than the user can go into cache location, find the file and extract the password. He/she can use the developer tools in Chrome to find the downloaded js files.

 

Am I wrong?

 

How does the expression work behind? Please give me some details.

 

Thank you.


Hi  @itodocanada;

 

On my point of view .Js is client side scripting which k2 make use of it at smartform level, like any js files running on browser level, it's up for the designer to ensure the any custom code implemented doesn't pose security threads, NB:-Js  Although Client -Side hashing is helpful but K2 also make use of SSL/TLS in the following link below there's  to better way to achieve desired output-:

https://help.k2.com/onlinehelp/k2blackpearl/DevRef/4.7/default.htm#Configure_SSL.html

https://help.k2.com/kb002500

 

Regards;

Widson.


Widson,

There ase some issue with your approach:

1) 

document.getElementsByTagName("input"))12].type = "password"

The above code runs at the client so the password is exposed.

2)Your explanations from the last post are related to blackpearl and my questions are related to cloud. Also the SSL/TSL are ways of encripting the communications between source and target and it doesn't realy apply to my question.

 

Any other ideas?

 

Thank you. 


Reply