Details
-
Type:
New Feature
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 9.6.3
-
Fix Version/s: None
-
Component/s: None
-
Labels:None
Description
User Story
As an application developer, I hope a UI framework works with the safest policy by default, no need developer to enable it manually. But provide a way to disable the limit.
Acceptance Criteria
describe the final result from the owner's point of view to be counted as completed
Details
- Enable InaccessibleWidgetBlockService make ZK framework safer by default. There is rare case that end-users requires to click a disabled button.
- https://forum.zkoss.org/question/114690/vulnerability-detected-textbox-with-bind-but-disabled-chrome-debugger-opens-backdoor/