Look who’s talking to your Qlik Sense Desktop

By Barry Harmsen

lookwhostalkingHappy new year to you! Just a very short post today with a little fun and possibly a warning. You may be aware that you can use the Qlik Sense API’s on your Qlik Sense Desktop, but are you also aware that any webpage can access them? The widget on the top right contains some JavaScript that tries to connect to your local Qlik Sense Desktop, if it succeeds the version and number of apps are displayed. (click on the X Applications link for an application browser)

This is just some harmless fun of course, and potentially offers some nice options for Qlik bloggers, for example click to automatically generate an app, online performance analyzer, etc. Just be aware that there could also be more nefarious purposes, for example deleting applications or extracting data. It’s probably very unlikely that someone will target this, but good to keep in mind anyway.

On a different note, Qlik Sense 3.1 SR4 was released yesterday. And, if you’re based in The Netherlands (or willing to travel there) and interested in Qlik Sense web development with mashups, extensions and widgets then we have an interesting training coming up. More info here (in Dutch, but training will be in English, contact me if you’re interested).

About The Author

Barry Harmsen

Hi there, I'm Barry and I'm a Business Intelligence Consultant at Bitmetric and based in the Netherlands. Originally from a background of 'traditional' Data Warehousing, Business Intelligence and Performance Management, for the past few years I have been specializing in QlikView and a more user-centric form of BI. I have done numerous QlikView implementations in many different roles and industries. In 2012 I co-authored the book QlikView 11 for Developers. You can follow me on Twitter at @meneerharmsen.

5 Comments

  • 1
    January 5, 2017 - 00:40 | Permalink

    Nice gimmick with accessing the Qlik Sense Destop but I think the possibilities are rather limited here to mashup functionality. IMHO not a real danger..

    • 2
      January 5, 2017 - 17:58 | Permalink

      Yeah, it’s just a fun little gimmick. I doubt many people do much serious development on Qlik Sense Desktop, so the risk is pretty low.

  • 3
    January 5, 2017 - 01:07 | Permalink

    ..so you can use Root API an Global API, nothing else.

  • 4
    Jens Frederik
    January 12, 2017 - 13:13 | Permalink

    Interesting, not sure the benefit yet, but it may come.

    When accessed in Chrome og Firefox the widget gives a result.
    With Edge it just gives an error:
    WebSocket Error: SECURITY_ERR, Cross zone connection not allowed

    • 5
      January 12, 2017 - 13:49 | Permalink

      Hi Jens,

      I guess Edge is more secure than Chrome and Firefox 😉 (didn’t test against Edge, only FF, Chrome and IE).

      With regards to practical applications, those are probably very limited. Where I intend to use this is for training materials (for example for the Masters Summit for Qlik). Rather than having everyone searching through QS Desktop, we’ll provide a nice interface from where the example and exercise files can be browsed/opened. This also lets us include additional documentation, slide decks, reference materials etc.

      Kind regards,
      Barry

  • Leave a Reply

    Your email address will not be published. Required fields are marked *

    Read previous post:
    Handling multiple languages and translations

    Recently I made a QlikView application with multiple languages. I came across a blog post by Charles Bannon: “Handling multiple...

    Close