AVOIDING SECURITY HOLE IN YOUR JAVA APP #1
Suppose you own an app where child window exits , your user by default may close the child windows by click the close button , you may however disable the window as read-only with setReadOnly to true as setReadOnly(true) or making it invisible with css display:none ,doing that means you have just created a security hole with the css key , because malicious user will access the button and close the window .The best practice is to set the window to read-only, which also prevent closing on the server side.
Example on the use of a child window in an application using a custom component with open and close button.
this show how we can inherits CustomComponent class which consist of a Button for the window opening with a lable to show the attributes of the window
Now , you can see the window is open but the button is disabled. When the window is close , button is enabled