Feature differences: Legacy Chat and Chat in the Web Widget

Have more questions? Submit a request

3 Comments

  • Maria
    Comment actions Permalink

    In how far are setNotes and appendNotes posing security risks? Especially since setName, setEmail,... are all text fields too and still supported
    This is super useful to get additional info about the page the user is on


    Also getName, getPhone and getEmail shouldn't be removed - their setters (setName) are still supported, so it makes sense to also have a getter.
    e.g. if ( getName() === '' && login cookie exists ) { setName( some value from cookie ) }
    So logged in users immediately have a better user experience, but we won't overwrite their name if they have manually input it already.

    0
  • Daniel Aron
    Comment actions Permalink

    Hi Maria, 

    The risk is more around social engineering and that notes can be used to influence workflow, for example causing an agent to process something that shouldn't be processed. Most agents have controls in place to validate the customers name/email information. This article details the available workarounds for Notes. 

    In regards to getName/Phone/Email we plan to support those. No ETA just yet but i'll update here when I can.

    0
  • Maria
    Comment actions Permalink

    But how would I get the chat_id? It's not exposed anywhere in the zendesk chat widget, so how would I be able to target the currently running chat using the API? Obviously, the chat_id is a requirement for all calls to update a specific chat.

    0

Please sign in to leave a comment.

Powered by Zendesk