Hi there,
I just noticed a Security Warning while doing the List and Details lab (Mobile Development Online Course).
"Security Warning: You're exposing a database operation in the client side. Validate the data in a Server Action before changing the database."
I got a wriggly red line under my CreateOrUpdateToDo action while the lab material didn't have any. (Please see images below.)
Also, there was no indication from the lab material if it is going to be addressed by the succeeding labs.
I also had a look at https://success.outsystems.com/Documentation/11/Reference/Errors_and_Warnings/Warnings/Security_Warning but not making sense to me at this point. I just learned about the OutSystems platform about 2 weeks ago. I don't want it to affect my future labs, but I got no idea how to address it.
Any wisdom would be great! Thank you.
Kind regards,
R
My Service Studio
The lab material
Hi Ritchel,
To avoid this warning you have to create a new server action and add this createorupdate database entity into it.
and then use this server action in you client screen action and it will remove this warning as by doing this the entity is not directly exposed to the client side.
I hope this will fix your warning Issue.
I was clueless and didn't know what exactly I was looking for. Thank you, Nitish!
Also, for future reference, found these related discussions:
https://www.outsystems.com/forums/discussion/45727/using-server-action-to-create-entity-records/
https://www.outsystems.com/forums/discussion/35083/how-to-create-create-or-update-entity-action-on-our-own/
Just an update:
It would have been okay if the warning was left as-is from the List and Detail lab.
I just reached the Logic and Code Reusability Lab, which came in later from the Mobile App course. This section covered creating server data wrappers to protect entities from being exposed directly to the client.