function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion 

Look up fields in sites page

  Is it possible to have look up fields in sites page?



EIE50EIE50 sites comprises of several Visualforce pages. If you can have lookup fields in VF pages, then it is the same for sites.


Or am i not understanding your question right?



I know its possible in vf page.But want to know if any one has exposed  lookup fields in sites.Are there any security issues with it?

Andy BoettcherAndy Boettcher

Your security issues are mostly handled on how you are granting public user access to the objects behind your pages.  All code and whatnot is managed within Salesforce's infrastructure and is secure from that standpoint.


However - your usual suspects still should be accounted for when publishing functionality publically on the web:


  • Make sure that if you're providing some kind of functionality where you are creating SOQL queries based off of user input, that they are protected in such a way to prevent SOQL injection attacks
  • Don't expose more objects to the public user's profile than absolutely necessary
  • Don't put any static information in your VF page or Controller that you wouldn't want posted up for anyone to see (usernames, passwords, anything like that)