I've developed custom application in Office365(Sharepoint Online) using CSOM/Javascript. Security team from client side has been reported one major issue to the our application that any end user can comment our CSOM/Javascript code and bypass the validation or can update / insert into sharepoint list item using developer tool/ Console in Google Chrome(F12 Key).
Also end user can write his own separate code in console of Google Chrome (Developer Tool / F12) and can update / insert into Sharepoint List.
Note:- End user has Add, Edit, View permission on all Sharepoint List.
This is one major security flaw of the Sharepoint/Office365 to use CSOM /Javascript for writing code, to overcome this issue could you please provide me some solution.
Your help would be greatly appreciated!!!
Looking for reply.
Thanks,
Mahesh Sherkar
Web: http://Mahesh-Sherkar.com
Email: mahesh.sherkar@gmail.com
- Edited by Mahesh Sherkar 1 hour 15 minutes ago
- Changed type Mahesh Sherkar 1 hour 7 minutes ago
Other recent topics
