You need to sign in to do that
Don't have an account?
rtrigg
Access $Api.Session_ID from a static resource?
Hi all,
I'm trying to improve security in my VF+tabs community by stashing all my javascript/css in static resources. It works great, except when I try to resolve the global merge field $Api.Session_ID (which I need to initialize sforce.connection). It only works if I put the reference in the main file, like so:
<script type="text/javascript"> function getSessionId () { return '{!$Api.Session_ID}'; } </script>
However, that exposes the session id in page source:
<script type="text/javascript"> function getSessionId () { return '00Di...!...'; } </script>
Is that a security problem? If so, is there some way to fetch api session id from inside a static resource?
Thanks!
- Randy
I'm trying to improve security in my VF+tabs community by stashing all my javascript/css in static resources. It works great, except when I try to resolve the global merge field $Api.Session_ID (which I need to initialize sforce.connection). It only works if I put the reference in the main file, like so:
<script type="text/javascript"> function getSessionId () { return '{!$Api.Session_ID}'; } </script>
However, that exposes the session id in page source:
<script type="text/javascript"> function getSessionId () { return '00Di...!...'; } </script>
Is that a security problem? If so, is there some way to fetch api session id from inside a static resource?
Thanks!
- Randy