Password Protected Survey123 with Java Script to share outside of organization

MHergel

I have seen that the Survey123 team has not allowed Java Script functions to be used in Surveys outside of an organization due to web safety concerns. My idea was could a safety precaution such a password protected survey forms be created so that users outside of the organization could use a survey that uses Java Script functions.

It could be similar to a password protected pdf where only users who have the password can open the form and use/submit data. Maybe it could be set up in a way that only email addresses that have had the survey link shared with them can access the survey once they enter the password.

JoëlHempenius3

Please don't do this. Allowing Javascript creates a huge attackvector for token hijacks and I think it's already a security risk having this javascript option within organizations. Allowing it outside of organizations basically makes it a nice XSS and once somebody get's a hold on your token, there is a small time window where they can do a lof of damage to the account the token was generated for.