Apex Code Development You need to sign in to do that
Don't have an account?
JanD s-controlls and security
Last days i test the Apex platform, testing some s-controlls and write
some code. while testing some mashups i search for some information
about security. Does anyone have a link?
Does s-controlls runs under adminlevel?
Does salesforce validate parameter automaticly?
What about XSS? If we use scripts from third party companys we would like to use a application firewall.
I have several questions but no paper give me some answers. I hope anyone can help me.
best regards, Jan Dreger
p.s. sorry for my bad english.
Does s-controlls runs under adminlevel?
Does salesforce validate parameter automaticly?
What about XSS? If we use scripts from third party companys we would like to use a application firewall.
I have several questions but no paper give me some answers. I hope anyone can help me.
best regards, Jan Dreger
p.s. sorry for my bad english.
dchasmanScontrols are almost entirely a client side (in browser) technology as afr as dynamic content so the normal security concepts of any HTML/CSS/javascript/ajax/etc based functionality apply. The only server side interaction is with merge fields and formulas (the parts of your scontrol inside {!}'s) which are read only and cannot change data or otherwise impact the system.