I have a security issue. Regular user can edit html web resource and by doing this can run malicious code. D365 warns the user but before that is running the portion of code. What can I do to prevent this?
And the result:
Hi .Mihai Co,
You can find these privileges in the customizations tab of security roles. Allow greens and prevent reds these are my thoughts
This is by default. User has no right to edit web resources, only read. But still, before the error message occurs, the code is running.
Hello Mihai,
- You can do it by modifying the security role for that user.- Open the security role(which is assigned to the user) > Customization > Webresource- Remove the access of create/read/write so that user will npt be able to update the webresource.
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
As AI tools become more common, we’re introducing a Responsible AI Use…
We are honored to recognize Abhilash Warrier as our Community Spotlight honoree for…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
MVP-Daniyal Khaleel 125
Tom_Gioielli 110 Super User 2025 Season 2
Erin Lubben 73
