Expand my Community achievements bar.

SOLVED

How to hide source code in the HTML5 form that is rendered from XDP form?

Avatar

Level 5
Level 5
8/23/21 6:07:04 AM

Hello Everyone,

 

Currently I have an XPD template form that is uploaded in AEM 6.5, and a piece of code converts this form and renders it as HTML5 form. In the browser when I access this HTML form, I  can view the source code and its scripts by right clicking the mouse and selecting the 'View page source'. Is there a way to hide the source code and still allow the scripts in the form to work correctly?

Is there any script that can be added to the XDP template/form or is there any setting in AEM 6.5 or in the Designer 6.5 that can be used to hide the source code in the HTML form?

 

Is there a concept like minification associated with JS and CSS that can be applied in AEM 6.5?

 

Is there any filter that can be applied in the dispatcher.any or any other configuration file or setting to hide the source code? I understand that the changes done here will affect all the forms and not specific ones. 

 

Thanks,

Leena

Views

1.6K

Replies

8
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee
Employee
8/24/21 1:19:24 AM

Hi @aemuser001 ,

no, the "source code" you are referring to is the active part which make the form work in the browser.These forms are not processed by the dispatcher, they render inside the browser.

You can try to move critical scripts to server (in script event you have the option to run script Client, Server or both). But that is not a general solution and depends on the use case and sequence of events. 

Kosta

View solution in original post

Views

1.5K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
8 Replies

Avatar

Correct answer by
Employee
Employee
8/24/21 1:19:24 AM

Hi @aemuser001 ,

no, the "source code" you are referring to is the active part which make the form work in the browser.These forms are not processed by the dispatcher, they render inside the browser.

You can try to move critical scripts to server (in script event you have the option to run script Client, Server or both). But that is not a general solution and depends on the use case and sequence of events. 

Kosta

Views

1.5K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 5
Level 5
8/24/21 11:27:18 AM
In response to Kosta_Prokopiu1

Hi Kosta,

 

Thank you for this very useful response.

 

I like to do two tasks:

1. In the browser I like to perform Input Form Validation before the End-User submits the form to the server.

2. Run formulas and scripts that need to be secure and not be visible to the outsider.

 

The AEM Designer 6.5 is used here. When opening the XDP form and viewing the Form Properties | Defaults there are 2 options for Default Language and 3 options for Default Run At.

 

    1. Default Language: JavaScript
      • Default Run At:  Client or Server or Client and Server
    2. Default Language: FormCalc
      • Default Run At: Client or Server or Client and Server

 

I. What combination of options is recommended when validating the fields at the client-side (e.g phone format, Number format etc.,) ? For each field in the form there is the ‘Patterns…’ window that is used for field validation. My understanding is that this is used for the client-side form input validation. Does this need to be used in combination of Default Language: JavaScript and Default Run At: Client?

 

II. What combination of options is recommended when running scripts and formulas?

 

III. What combination of options is recommended when using both form validation and executing scripts and formulas?

 

Thanks in advance for the response.

Leena

Views

1.5K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee
Employee
8/24/21 1:41:51 PM
In response to aemuser001

Hi Leena,

I had a closer look and found out that the HTML form is always transferring the whole XFA scripting, no matter what the point of execution. I guess the only way to hide functionality is to run the secret logic as part of a prefill data orchestration and possibly invoke orchestrations via SOAP Dataconnection when running JEE stack or custom services in the OSGi variant of Forms.

I learned something about HTML forms I did not realize before...

Kosta

Views

1.5K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 5
Level 5
8/24/21 2:51:13 PM
In response to Kosta_Prokopiu1

Hi Kosta,

 

Thanks for the confirmation. Greatly appreciate the responses.

 

Thanks,

Leena

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee Advisor
Employee Advisor
8/25/21 11:56:17 PM

@aemuser001  No this is not possible if you inject another script to hide the source somehow then you will end up breaking the form functionality.

 

Views

1.5K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 5
Level 5
8/26/21 5:47:59 AM
In response to Mayank_Gandhi

Good Morning Mayank,

 

Thank you for the confirmation. Will Adobe in the future implementation a feature/function/script to hide the HTML source code when rendering the XDP template as HTML5 form?

 

Thanks,

Leena

Views

1.5K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Save Document of Record in SharePoint List on form submission

Views

113

Likes

0

Replies

3
XDP files addition via code for Letter Communication

Views

41

Likes

0

Replies

0
AEM forms as cloud Service - Pdf generation using Output service

Views

105

Likes

0

Replies

2
Editing the Theme for Adaptive Form

Views

200

Likes

0

Replies

4
Modify List View on Form and Documents

Views

108

Likes

0

Replies

1