APEX 5 New Authorization Evaluation Point Features

In APEX 4 you can define Authorization Schemes. This is a very useful feature to prevent code repetition all over the place. For instance and Authorization Scheme "Is Admin" might use a select on one or more tables (or web service calls or whatever is necessary) to determine whether a user, the :APP_USER, has an Admin role or not. And you can use any value in session state, like :APP_ID or :APP_PAGE_ID in your query (more...)

APEX 5 New Substitution Syntax Features

You've probably all heard about XSS, a.k.a. Cross Site Scripting. One of the ways you make yourself vulnerable to XSS is by creating JavaScript in your APEX applications that accepts unescaped user input - either direct or data retrieved from the database.
As a - very stupid and simple - example, create a Page with a Text Item (say P3_TEXT).  Next create a Dynamic Action that executes this snippet of Javascript on Page (more...)

APEX 5 New Runtime API Lockdown Features

In APEX 4.x the developer could implement a feature that involves a call to the APEX API. E.g. you could create new pages on the fly if you would like to (just examine an export file for the how-to). You could drop an application using a procedure from the APEX_INSTANCE_ADMIN package. You could drop a user using APEX_UTIL.REMOVE_USER. If this is all on purpose and secured than that's fine. But maybe you (more...)

APEX 5 New Password Reset Features

Now and then it happens when we're logging in into our APEX instance: We have to change our password again .... And that means, typing it in an awful number of times:
1. Current Password
2. New Password (and of course preferably the same as the current one ...)
3. Confirm New Password
4. Press Apply Changes
5. Press Retun
6. And we're back at Square One : The login screen - and here we type (more...)

APEX 5 New Developer Preferences Features

As a lot of the new APEX 5 features are "by developers for developers", this one is also a nifty little thing that make our lives easier. Only the developer part of our lives of course....
In the upper right corner of APEX 5 you'll see your login name and a rather anonymous avatar. Just for fun - and recognisability - you can add your own face there. Or a picture of your (more...)