Hi,
Right now, when we want to show an object from a page URL, we can use the internal MendixID of the object.
It’s not very secure to expose internal object ID’s.
It would be great if we would be able to choose an attribute that contains a custom unique ID.
This idea had been planned by Mendix since june 2018…
Hi Rom,
Thanks for your response
The first point is up for debate. In my situation, the architect on the project does not want it and in the past I’ve seen it come up in penetration test reports as a risk. When you Google for it, you will also see a variety of opinions.
For the second point, yes it is covered by the DeepLink module. But with (what looks like) a small amendment as described in my idea, we can (in this case) remove the DeepLink module from the project and use 100% ootb functionality. This improves the code base and also, I always see new Mx developers struggle with the deeplink module. Using the functionality on the page is better to understand and maintain.
First: why is it not secure to expose internal ID’s? They contain no information. Why would a UUID be more secure? Furthermore, this use case is covered by the DeepLink module.