function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
kory108kory108 

Encrypted Field is Masked in a Visualforce Page When Embedded into a Standard Layout

Hello,

We're adding an encrypted field using classic encryption to our org. I have set up a permission set to allow viewing of the encrypted field for me.

The field is housed in a Visualforce section (using a field set) that is embedded in a standard Case page layout. I have found that the encrypted field stays masked when viewing within the Visualforce section even though I have the View Encrypted Data permission (via the permission set). If I add the same field to the regular page layout, then the data is not masked, as expected.

I'm assuming there's something additional I need to do in the Visualforce code to allow this field to come through unmasked, however I haven't been able to find any documentation on this issue. Below is a snipped of the Visualforce code, and I've also attached the entire Visualforce page as well as a screenshot of the issue. Hopefully someone has run across this before and has some ideas.
 
<apex:pageBlockSection title="Request Details" columns="2" rendered="{!Case.Request_Reason__c == 'Account Holder Name Change or Correction'}">
    <apex:repeat value="{!$ObjectType.Case.FieldSets.Account_Holder_Name_Change_or_Correction}" var="f">
        <apex:outputField value="{!Case[f]}"/><br/>
    </apex:repeat>
</apex:pageBlockSection>

User-added image
Raj VakatiRaj Vakati
Hi ,
"Encrypted custom fields that are embedded in the <apex:outputText> component display in clear text. The
<apex:outputText> component doesn't respect the View Encrypted Data permission for users. To prevent showing sensitive
information to unauthorized users, use the <apex:outputField> tag instead. "

Now You need to Render the Encrypted by using <apex:outputText>  and  <apex:outputField> based on the permission. 

Thanks ,
Raj 

 

 
kory108kory108
Raj,

From what you have stated, Visualforce embedded in a standard page layout has no ability to show encrypted data to only users who have the correct permission - instead I have to custom code this logic into the page itself. Am I understanding that correctly?

I'm already using <apex:outputField> in my VisualForce, but it sounds like this will always show as masked, even if the user has the View Encrypted Data permission?
kory108kory108
Hello,

I still haven't been able to find a solution to this issue, however upon further testing I have found that the encrypted field does display correctly (unmasked) when I view the visualforce page in it's own browser window, however it does not display correctly (shows the same field as masked) when viewing the visualforce page embedded in a standard page layout. This appears to be a bug to me, but maybe I'm missing something that would make this a "feature". Hopefully someone has run into this before and has a workaround to display the encrypted field correctly when the visualforce page is embedded in a standard page layout.