I have a task that uses secure parameter and at the top of the actionscript, I have continue if exists parameter "abc" . However, that doesn’t ensure it is a secure parameter vs an unsecure (normal) parameter. Is there a way to prevent the actionscript from running if the parameter is not the secure type?
I’m not sure there is one, but checking it at runtime may not be all that helpful - the point of Secure Parameters is that the values are encrypted before they are downloaded. If the action.fxf on the server and on the client are in clear-text, action run-time is too late to check.
1 Like
good point. it prevents it from being executed and logged on the client but right, not 100% protection.
Ah, I hadn’t considered that scenario. If you have operators who can send the action without encrypting the parameters… You could use the 'action log command' command to put the action into the reduced-logging mode (which it does automatically with Secure Parameters, but you can trigger that manually as well)
https://developer.bigfix.com/action-script/reference/client/action-log-command.html
2 Likes