BackwardCompatibilitySettings.DataControlAllowReadUnexposedColumnsFromClientApiDefaultValue Property
Specifies whether to disable client-side access to data source fields that are bound to columns and these columns are hidden in the control.
Namespace: DevExpress.Web
Assembly: DevExpress.Web.v23.2.dll
NuGet Package: DevExpress.Web
Declaration
[DefaultValue(true)]
public bool DataControlAllowReadUnexposedColumnsFromClientApiDefaultValue { get; set; }Property Value
| Type | Default | Description |
|---|---|---|
| Boolean | true |
|
Property Paths
You can access this nested property as listed below:
| Object Type | Path to DataControlAllowReadUnexposedColumnsFromClientApiDefaultValue |
|---|---|
| ASPxWebControl |
|
Remarks
The DataControlAllowReadUnexposedColumnsFromClientApiDefaultValue property controls client-side access to unexposed data source fields if the grid-like controls’ ASPxGridDataSecuritySettings.AllowReadUnexposedColumnsFromClientApi and/or the tree list’s TreeListSettingsDataSecurity.AllowReadUnexposedColumnsFromClientApi properties are set to Default.
Note
In version 18.1, we’ve changed this API behavior to improve data security of grid-like DevExpress web controls.
Breaking Change: The Specificity of accessing data field values from a client API of grid-like web controls topic illustrates details and describes how to revert to the previous behavior (degrading data security).
Example
The following example demonstrates how to prevent client-side API members of grid-like controls from accessing data source fields bound to hidden columns:
void Application_Start(object sender, EventArgs e) {
ASPxWebControl.BackwardCompatibility.DataControlAllowReadUnexposedColumnsFromClientApiDefaultValue = false;
}