ASPxGridDataSecuritySettings.AllowReadUnexposedColumnsFromClientApi Property
Specifies whether to disable client-side access to data source fields that are bound to columns and these columns are hidden in the control.
Namespace: DevExpress.Web
Assembly: DevExpress.Web.v24.2.dll
Declaration
[DefaultValue(DefaultBoolean.Default)]
public virtual DefaultBoolean AllowReadUnexposedColumnsFromClientApi { get; set; }
Property Value
Type | Default | Description |
---|---|---|
DefaultBoolean | Default | One of the DefaultBoolean enumeration value. |
Available values:
Name | Description | Return Value |
---|---|---|
True | The value is true. |
|
False | The value is false. |
|
Default | The value is specified by a global option or a higher-level object. |
|
Remarks
Use the AllowReadUnexposedColumnsFromClientApi property to restrict access to data source fields that are bound to columns and these columns are hidden in the ASPxGridView, ASPxCardView, and ASPxVerticalGrid controls.
ASPxGridView.SettingsDataSecurity.AllowReadUnexposedColumnsFromClientApi = DefaultBoolean.True;
ASPxCardView.SettingsDataSecurity.AllowReadUnexposedColumnsFromClientApi = DefaultBoolean.True;
ASPxVerticalGrid.SettingsDataSecurity.AllowReadUnexposedColumnsFromClientApi = DefaultBoolean.True;
If the AllowReadUnexposedColumnsFromClientApi property is set to Default, the client-side access to the data source’s unexposed fields depends upon the BackwardCompatibilitySettings.DataControlAllowReadUnexposedColumnsFromClientApiDefaultValue property setting.
Note
In version 18.1, we’ve changed this API behavior to improve data security of grid-like DevExpress web controls.
Breaking Change: The Specificity of accessing data field values from a client API of grid-like web controls topic illustrates details and describes how to revert to the previous behavior (degrading data security).
The AllowReadUnexposedColumnsFromClientApi property has priority over the BackwardCompatibilitySettings.DataControlAllowReadUnexposedColumnsFromClientApiDefaultValue property.