Disable Mashup Features
Some features in EMML have security or performance implications that you may need to manage. You can disable or re-enable these mashup features in the MashZone NextGen Server:
To enable/disable mashup features
1. Click Admin Console in the MashZone NextGen Hub main menu. 2. Expand the Platform Features section and click Mashup Engine.
3. Set or clear the following properties:
Enable Scripting = this feature is the <script> statement in
EMML which allows mashups to call JavaScript or JRuby scripts. This also provides direct access to Java language classes.
This feature is enabled by default. Scripting can have security implications and also has a performance impact. Clear this option to disable scripting.
Enable Direct SQL = this feature is the <sql> and <sqlUpdate> statements in
EMML. These statements allow mashups to issue raw SQL statements to databases which can have security implications.
This feature is enabled by default. Clear this option to disable direct SQL statements in mashups.
Enable EMML Profiling = this option determines whether performance profiling for mashups is enabled. Performance profiling allows developers to see how long processing took for each statement in their mashups when they test them. Profiling does, however, have a performance impact.
Performance profiling is disabled by default. Set this option to enable performance profiling.
Enable direct invocation = this feature is the <directinvoke> statement in
EMML. This statement allows mashups to invoke web services or other information sources from any URL without authentication or authorization by
MashZone NextGen.
This feature is enabled by default. Clear this option to prevent direct invocation of ungoverned information sources.
4. Click Save.