#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Give the ability to block the ?ReadViewEntries command at a server level

User cases :

User need to create document from the web under Anonymous access.
Data is "protected" by pairing document access with personal data only known by the user  + unique key delivered by email.

Using ?ReadViewEntries command allow to gain access to all documents in that case.

Customer do not want to ask to level security web access.

  • Guest
  • Oct 2 2018
  • Needs review
  • Attach files
  • Guest commented
    3 Oct, 2018 08:59pm

    I would consider having the ability to block those default server requests a benefit to help secure applications without having to dig into each application and make changes.  The stated use case could be achieved with a bean.