Security Policies for Open Capabilities

Overview

To further protect data security and prevent malicious attacks, BI platform versions 6.6.0 (released 2025-07) and later provide two new security modes for code execution in open capabilities. These modes apply to Custom Charts and Plugins.

Disclaimer

  • For coding conventions, refer to the Airbnb JavaScript Style Guide. Any unsafe or disallowed coding style is prohibited.
  • Plugin development should follow the minimum-scope principle:
    • Custom Chart Iframe should be used only for pure chart rendering and may operate only on resources inside the iframe that do not involve stored information.
    • Custom Chart Lite should be used only for pure chart rendering and may use only explicitly provided information.
    • Plugin Management should be used only to read and operate information through open capabilities provided by OpenSDK.
  • All plugins are prohibited from using storage-related APIs and from reading or modifying stored information in any form.

Security Mode Details

Security Levels

There are two levels of security modes:

  • Execution Security: basic security restrictions that ensure safe code execution.

  • Execution Security + Write Security: based on execution security, adds restrictions on write operations.

    Description

    After this mode is enabled, the creation and modification features for Custom Charts and Plugins are currently disabled.

How to Enable

Security mode must be enabled through operations procedures. If you need it enabled, contact Guandata Operations.

Switch Control Rules

  • Iframe mode and Lite mode of Custom Charts share one security-mode switch.
  • Plugins use an independent security-mode switch, which does not affect the Custom Chart switch.

Notes

Enabling security mode adds restrictions to code execution in Custom Charts and Plugins. Previously customized charts or plugins that contain the prohibited code patterns may stop working and need extra adaptation. In most cases, however, customized requirements can still be met using secure coding approaches.

Disabling security mode may make custom development more convenient, but it also greatly increases security risk. Customers should choose carefully.

Specific Restrictions

Custom Chart - Iframe

  • Enable Strict Mode
  • Prohibit access to the window object through global or self
  • Prohibit communication APIs such as XMLHttpRequest and WebSocket
  • Prohibit access to any information on the host page through window.parent, including use of postMessage
  • Prohibit access to any stored information, including cookie, localStorage, sessionStorage, and indexedDB
  • Prohibit dangerous methods such as eval, Function, and constructor

Custom Chart - Lite

  • Enable Strict Mode

  • Prohibit use of document, globalThis, and self; window is allowed to access only the GD and echarts properties

    Description

    Access to only GD and echarts through window also applies outside security mode.

  • Prohibit communication APIs such as fetch, XMLHttpRequest, and WebSocket

  • Prohibit access to any stored information, including cookie, localStorage, sessionStorage, and indexedDB

  • Prohibit dangerous methods such as eval, Function, and constructor

Plugins

  • Enable Strict Mode
  • Prohibit access to window through globalThis and self
  • Prohibit communication APIs such as fetch, XMLHttpRequest, and WebSocket; requests must use GD.fetch, and only /api/ requests are allowed
  • Prohibit access to any stored information, including cookie, localStorage, sessionStorage, and indexedDB
  • Prohibit dangerous methods such as eval, Function, and constructor
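The following is an added example that models two of the restrictions listed above for Custom Chart - Lite and for Plugins; it is not Guandata's code and it is not the platform's sandbox. It runs under Node.js, so the GD and echarts objects are constructed stand-ins and the GD.fetch call shape is an assumption. It shows (1) a window view that exposes only the GD and echarts properties and throws on everything else, and (2) a request-path check of the kind GD.fetch needs in order to allow only /api/ requests, including the shapes a path-prefix check must reject (absolute URLs, protocol-relative URLs, dot-segment traversal), which goes beyond the single case the list states.

```javascript
'use strict';
// Added example (not Guandata's code): a runnable model of two restrictions
// from the Lite and Plugin lists. GD, echarts and the GD.fetch signature are
// assumptions standing in for the real platform objects.

const ALLOWED_WINDOW_PROPS = new Set(['GD', 'echarts']);

// Build an allowlisted view over a host object. Reading any property outside
// the allowlist throws, so a chart that reaches for document, localStorage or
// fetch fails loudly instead of silently getting undefined. Writes and deletes
// are rejected entirely.
function makeRestrictedWindow(host) {
  return new Proxy(Object.create(null), {
    get(_target, prop) {
      if (typeof prop === 'string' && ALLOWED_WINDOW_PROPS.has(prop)) {
        return host[prop];
      }
      throw new Error(`window.${String(prop)} is not available in Lite mode`);
    },
    has(_target, prop) {
      return typeof prop === 'string' && ALLOWED_WINDOW_PROPS.has(prop);
    },
    set(_target, prop) {
      throw new Error(`window.${String(prop)} cannot be assigned in Lite mode`);
    },
    deleteProperty(_target, prop) {
      throw new Error(`window.${String(prop)} cannot be deleted in Lite mode`);
    },
  });
}

// Accept only a relative path whose normalised form starts with /api/.
// A dummy base origin lets the WHATWG URL parser do the normalisation
// (dot segments, protocol-relative and backslash forms); anything that would
// resolve to another origin is rejected.
const DUMMY_ORIGIN = 'https://sandbox.invalid';
function isAllowedApiPath(url) {
  if (typeof url !== 'string' || !url.startsWith('/')) return false; // must be a path, not a URL
  let parsed;
  try {
    parsed = new URL(url, DUMMY_ORIGIN);
  } catch {
    return false;
  }
  if (parsed.origin !== DUMMY_ORIGIN) return false;      // "//host/api/..." escapes the origin
  return parsed.pathname.startsWith('/api/');            // "/api/../x" has already been resolved
}

// Assumed shape of a guarded fetch: reject before any network call is made.
function guardedFetch(url, realFetch) {
  if (!isAllowedApiPath(url)) {
    return Promise.reject(new Error(`request to ${url} refused; only /api/ paths may be fetched`));
  }
  return realFetch(url);
}

// Simulate a Lite chart probing the restricted window. Returns which names it
// could read and which threw, so the behaviour is checkable without a browser.
function runLiteChart(restrictedWindow) {
  const result = { read: [], errors: [] };
  for (const name of ['GD', 'echarts', 'document', 'localStorage', 'fetch']) {
    try {
      void restrictedWindow[name];
      result.read.push(name);
    } catch (_e) {
      result.errors.push(name);
    }
  }
  return result;
}

// Constructed host standing in for the real page globals.
const fakeHost = {
  GD: { fetch: (url) => guardedFetch(url, async (u) => ({ ok: true, url: u })) },
  echarts: { init: () => ({ setOption() {} }) },
  document: {},
  localStorage: {},
  fetch: () => {},
};

const liteWindow = makeRestrictedWindow(fakeHost);

if (typeof require !== 'undefined' && require.main === module) {
  console.log(runLiteChart(liteWindow));                       // read: GD, echarts; errors: the rest
  liteWindow.GD.fetch('/api/data').then(console.log);
  liteWindow.GD.fetch('//evil.example/api/data').catch((e) => console.log(e.message));
}
```

The allowlist is deliberately a deny-by-default Proxy rather than a list of blocked names: a blocklist of document, localStorage and friends would miss the next global that gets added, while an allowlist only ever grants GD and echarts. The same reasoning applies to the path check, which resolves the URL first and only then compares the prefix, so that traversal and origin tricks are normalised away before the decision is made.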