Read-Only Fields in Dynamic Server Pages

In dynamic server pages, read-only fields are protected, so they cannot be changed in the browser. This can also prevent the JavaScript API function createOccurrence from creating new occurrences in the browser.

Fields are read-only if they have the field syntax set to NED (non-editable), or if they have a widget that is considered read-only, such as a CommandButton or StaticText widget. Such fields cannot be edited, and it is also not possible to use the JavaScript API to create occurrences of entities that contain read-only fields.

The only exception is static fields and control fields, which are normally considered to be read-only. However, if they are the only read-only fields in your entity, it is still possible to create occurrences on the browser.

How Read-Only Fields are Protected

For each read-only field the server sends the value to the client, accompanied by a hash value. This hash value is calculated on the server from, among other things, the field value. When the server receives data from the client, for each read-only field it checks whether the hash value is still present, and whether it still matches the field data. If the hash value is missing, or if it does not match the field value, the data must have been tampered with. As a consequence, the webload fails with a WEBERR_HASH security error.

If an entity has read-only fields and an occurrence is created on the browser, those read-only fields do not have a hash-value associated with their initial value (for security reasons hash values are not calculated on the browser). Sending such an occurrence to the server would, therefore, lead to a security error during webload. For this reason, the JavaScript API function createOccurrence checks whether the entity has read-only fields. If it has, the function throws a uniface.OccurrenceCreationException and does not create the occurrence.

The same happens if, at some level, the entity contains an inner entity that has read-only fields.

Read-Only Widgets

The following widgets are considered read-only by nature, so the field syntax is set to NED (non-editable) by default.

  • CommandButton
  • FlatButton
  • PictureButton
  • Picture
  • StaticText
  • RawHTM

To enable new occurrences of entities that contain these widgets to be created in the browser, you need to set the field property Is Control to True or Is Static to True.

Alternatively, you can use the editable version of the widget (for example Picture_updatable).

Related Topics