Unloading Dialogs for Security
When a modal dialog is loaded and displayed on the client, a cached copy of the dialog (including sub objects and web property values) will remain even after the modal dialog has been closed. Normally, this does not present a security problem as the logged in user should already have access rights to the dialog in order to load it in the first place.
A potential security consideration occurs if, after a dialog has been loaded, the current user logs out and a new user, with different access rights, logs in. The safest approach here is to ensure that the entire web application is reloaded whenever a new user tries to log in. This will ensure that all cached data is removed from the client.
Send
NavigateRefresh to the global
cWebApp object (ghoWebApp) to reload the entire web application.
Sometimes you may wish to retain the web application's current state, but remove specific views or dialogs from the client. Send
UnloadView to remove a specific view
or dialog from the client.