Skip to Content
0
Sep 04, 2023 at 10:39 AM

custom widgets: potential risks due to malicous code ?

67 Views

Hi,
could custom widgets pose a risk due to malicous code? Or are they only used in such a restriced (sandboxed) way that there is no risk attached at all?
a SAP approved 'custom widget' repository does not exist so I assume that best practice is to always have a look into the .json and .js files to get an idea what can be expected from that widget and to find out under which licence the widget has been published.

Does anyone work in an environment where custom widgets are not allowed at all and what are the reasons for that kind of limitations?

br
edgar