Closed JosephBrooksbank closed 8 months ago
@JosephBrooksbank We are in client JavaScript world. The alternative is to setup a license server and require everybody to get the result from it. I myself, would not use a JavaScript library that requires to make a trip to a third-party server everytime on requesting my page. That is why it is not an option to us.
You will able to add a domain(s) into the license key soon. It means that the license key will work on domains you set on license key generation. We are working on this functionality right now. It will be optional.
PS: We are talking about SurveyJS Creator, Pdf Export and Dashboard. SurveyJS Library (this repo) is under MIT license and it doesn't require any key.
Thank you, Andrew
Personally, I would rather a system where once a day, our backend called a license server and got a token, which we then used for the day. I understand the concern there though.
I'll have to speak to my team and see if this is fine. I suppose at the end of the day, it is not really that great of a concern to our application, as long as you are aware of the potential concerns. Locking the key to our domain(s) will probably make folks in our business department a little less worried about it.
My mistake on the SurveyJS Library vs SurveyJS Creator licensing.
Thanks for the quick response, Joseph
@JosephBrooksbank It would be ideal to make a check on the server. The problem that we don't have the server part at all. Anyway, I hope that we will implement the domain support soon and the problem will be solved somehow.
Thank you for using our libraries!
Thank you, Andrew
@JosephBrooksbank We have added this functionality into our web app. You can go to https://surveyjs.io/remove-alert-banner and add domains.
Example:
surveyjs.io,google.com
Thank you, Andrew
Are you requesting a feature, reporting a bug or asking a question?
Reporting a security concern?
What is the current behavior?
We are in the process of updating our libraries, and see this:
To me, this implies that you would have us call
setLicenseKey()
with our actual license key in places where we show the surveyJS player. This is unacceptable. This code runs on client machines, which means any user could grab our license key at will.I assume I must be misunderstanding the process. Please let me know if this is true.