LIFERAY JAVASCRIPT APISLIFERAY JAVASCRIPT APIShttps://liferay.dev/c/message_boards/find_thread?p_l_id=119785294&threadId=1120987362026-04-04T09:34:51Z2026-04-04T09:34:51ZRE: LIFERAY JAVASCRIPT APISArun Dashttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1121135012019-01-24T01:49:18Z2019-01-24T01:49:18Z<blockquote>
<div class="quote-title">David H Nebinger:</div>
<div class="quote">
<div class="quote-content">
<p>getUserId() does not invoke the back end. It is a
javascript-only object that has been populated during page
rendering. If that's the only method you're concerned about
"hiding", there is no reason to pursue it because it
is not able</p></div></div></blockquote>
<p>No, thats was just an example.</p>
<p> </p>
<blockquote>
<div class="quote-title">Discoverability just hides it from the
/api/jsonws listing, but it does not make the method protected or
anything. Knowing what I know about Liferay, I can invoke services
against your instance whether /api/jsonws is working or not.</div></blockquote>
<p>Yes, that was the basic idea for this too, just hide.</p>
<p> </p>
<p>Thanks and anyways, the answer is no then.</p>
<p> </p>
<p>Regards,</p>
<p>Arun<br /> </p>Arun Das2019-01-24T01:49:18ZRE: LIFERAY JAVASCRIPT APISDavid H Nebingerhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1121106372019-01-23T18:20:33Z2019-01-23T18:20:33Z<p>getUserId() does not invoke the back end. It is a javascript-only
object that has been populated during page rendering. If that's the
only method you're concerned about "hiding", there is no
reason to pursue it because it is not able to be hidden.</p>
<p>Discoverability just hides it from the /api/jsonws listing, but it
does not make the method protected or anything. Knowing what I know
about Liferay, I can invoke services against your instance whether
/api/jsonws is working or not.</p>David H Nebinger2019-01-23T18:20:33ZRE: LIFERAY JAVASCRIPT APISArun Dashttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1121093412019-01-23T17:52:27Z2019-01-23T17:52:27Z<p>Hi David,</p>
<p>I was debugging something else and found this by accident and I’m not
planning to change anything from that JavaScript. I was just wondering
if there is any way to hide it from global access. Something like, you
can make json web services discoverable on api page using a property </p>
<p>jsonws.web.service.api.discoverable=true</p>
<p>and set this to false to hide it from api page. </p>
<p> </p>
<p> </p>
<p>Regards,</p>
<p>Arun</p>Arun Das2019-01-23T17:52:27ZRE: LIFERAY JAVASCRIPT APISDavid H Nebingerhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1121051402019-01-23T14:07:15Z2019-01-23T14:07:15Z<p>You should not change the Liferay javascript unless you really,
really, really know what you're doing.</p>
<p>And if you really, really, really think you know what you are doing,
scrap that thought and go back to not changing the Liferay javascript.</p>David H Nebinger2019-01-23T14:07:15ZLIFERAY JAVASCRIPT APISArun Dashttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1120987352019-01-23T09:42:40Z2019-01-23T09:42:40Z<html><head></head><body><p>Hi,</p>
<p>From Google chrome console, you can access Liferay JavaScript object
(screenshots below)</p>
<p>
<img src="/documents/14/110203810/_that.PNG/620599a2-0875-dcbe-66fb-c0a06666424c?t=1548236194084"></p>
<p> </p>
<p>
<img src="/documents/14/110203810/_this.PNG/080c21d0-7e83-21b7-9399-626eb0334a41?t=1548236209638"></p>
<p> </p>
<p>From <a href="https://dev.liferay.com/develop/tutorials/-/knowledge_base/7-1/liferay-javascript-apis">here
</a>it says, "The <code>Liferay</code> JavaScript object exposes
methods, objects, and properties that you can use to access Liferay
Portal-specific information" </p>
<p>I was wondering, if we could disable it or change it from public
access. If yes, how to disable this and if we disable it, will it
break any functionality? </p>
<p> </p>
<p>Hope someone could shed some light.</p>
<p> </p>
<p>Regards,</p>
<p>Arun</p></body></html>Arun Das2019-01-23T09:42:40Z