Apex Code Development You need to sign in to do that
Don't have an account?
Nisar Ahmed inputText_Ignoring_FLS Issue in Security Scanner
Hi All,
I am unable to overcome the error 'inputText_Ignoring_FLS' for the below statement which I have used in a VF page.
<apex:inputText id="name" value="!CustomerFirstName}" styleClass="dropdown1"</apex:inputText>
I have tried the rendered attribute as given in the developerforce document (link below) and an example which I have tried.
http://wiki.developerforce.com/page/Enforcing_CRUD_and_FLS
Eg.,
<apex:inputText id="name" value="!CustomerFirstName}" styleClass="dropdown1"
rendered="{!$ObjectType.Appointment__c.Fields.Customer_Name__c.createable}" >
</apex:inputText>
I am using Apex property in the controller for some reason, hence inputText in the VF page.
Is there any way on how to overcome this issue using apex:inputText only(but not apex:inputField) in the page.
Any help will be highly appreciated.
Regards,
Nisar Ahmed
I am unable to overcome the error 'inputText_Ignoring_FLS' for the below statement which I have used in a VF page.
<apex:inputText id="name" value="!CustomerFirstName}" styleClass="dropdown1"</apex:inputText>
I have tried the rendered attribute as given in the developerforce document (link below) and an example which I have tried.
http://wiki.developerforce.com/page/Enforcing_CRUD_and_FLS
Eg.,
<apex:inputText id="name" value="!CustomerFirstName}" styleClass="dropdown1"
rendered="{!$ObjectType.Appointment__c.Fields.Customer_Name__c.createable}" >
</apex:inputText>
I am using Apex property in the controller for some reason, hence inputText in the VF page.
Is there any way on how to overcome this issue using apex:inputText only(but not apex:inputField) in the page.
Any help will be highly appreciated.
Regards,
Nisar Ahmed
The security scanner report is stating the "inputText_Ignoring_FLS" error message.
Yes, this is a false positive. As the automatic scanner is not aware of the render tag, this pattern is susceptible to positives.