function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Clickjacking protection in Winter '12

There is a new alert on the partnerforce portal that is letting partners know of the upcoming "clickjack protection" for non-setup pages in winter '12. It seems to be stating that if a customer turns this on, ALL framed/iframed pages (visualforce or otherwise) will stop working.


Does anybody have any more information on this? If I'm reading it correctly, it's going to be an unusable feature for any customer who either has installed a package that uses frames or has done their own custom implementation using frames or iframes. I've personally seen dozens of customers who do this.


If this is the case, I hope SFDC at least has it turned off by default and boldly warns anyone who turns it on that it is likely to break pages if they use frames anywhere.


The alert you mention should go down as one of the worst technical communications in history. It is vague and does not give examples/scenarios.


At this point, I am filing it under FUD (Fear Uncertainty Doubt) and waiting for real, actionable details as opposed to amorphous warnings that 'stuff may not work' next release! :)


Trying to keep the glass half full.