>>>each tab can be in a single parent browser window or dragged off into its own browser parent window ! ... Maybe I don’t understand the problem scenario?
>
>Can these separate tabs then behave like an interactive Windows app - e.g. drag an item to a higher sequence position on one tab and 2 other tabs instantly update to reflect the change?
>
>Back when we had to make decisions, the answer was (or became) "no" because you don't want the dodgy site somebody happened to click while searching for "bicycle" to pull sneaky tricks to interact with the banking app on another tab, which was the exact example given at the time. Maye they overcame that since.

The answer is yes because a Dynamic WebDev site behaves much more like an application than a normal website. For Dynamic WebDev sites you must run the WebDev Application Server system on the server; this is an additional piece of backend software from PCSoft. This system is responsible for managing the entire session state of a user who accesses a Dynamic WebDev site. You need to think about Dynamic WebDev websites more like an application which is split into 2 parts; the front-end is happening in the browser and communicates with the backend which sits on the server. On the backend is where most everything to do with the users session is maintained, data is retrieved or processed, server-side variables and objects are created. So any process can access whatever it needs in regards to variables or record pointers related to the user session.

How does it work? For example, the user logs in; record pointers are positioned on the server for the users login credentials. The login is confirmed and a response is sent to the browser saying login OK such as a variable is set to "TRUE"; the browser code handles what happens next, for example, load a welcome page. The user finds a record to plot; record positions are set on the server. User creates a new window object; a window object variable is created in the browser (but can be enumerated by the server). A chart is drawn in it (or a table is displayed or whatever). The user creates another window; another window object variable is created. Everything you want the user to do and be remembered during his session is managed by the WAS; the entire session state of variables, database pointers, etc. Now the user chooses to do something else, let’s say, tile all windows; the server receives the request via a button or something and enumerates all the window object variables on the web page and re-displays them accordingly. This functionality is actually working in the proof-of-concept screenshot I showed you.

There is no way to hack this by a hacker unless they can take over the session of the user but there is no hacks of the WebDev Application Server that I have heard of. I have no idea how that would happen or what they could do with such a hack besides perhaps do something to the WebDev server itself. The WAS can only run routines you have programmed into the WebDev site but how would a random hack know what they are or what credentials are required to activate them. I have not heard of that possibility but one must always assume that nothing is full-proof I suppose. However, this threat exists no matter what technology or system you use to run something over the internet/web.