• Brian Soby
  • NEWBIE
  • 100 Points
  • Member since 2010


 

According to the report, SSL3.0 has a vulnerability that allows the decryption of encrypted SSL/TLS traffic. This vulnerability primarily impacts HTTPS traffic, since the browser is the primary attack vector, and all web traffic served via HTTPS or mixed content HTTP/HTTPS is affected.

Does Salesforce have a solution?

By the way, I connect to Salesforce through the Salesforce web service (using https).

 

see: https://technet.microsoft.com/en-us/security/advisory/2588513

Hello,

 

I have created a VF page that will go on a public site that is meant for users to enter data into the system.  This is working fine, but I noticed that URL hacking is possible (read only due to FLS on the public user profile for the site) if a user appends the id to the URL (for example, VFPage?id=00AB0000001abcD).

Ideally, I would like to simply set FLS to edit with no view.  Since create FLS requires view FLS, how can one prevent URL hacking in this manner?   How can we prevent the controller extension from processing data from the URL?

 

Thanks,

 

Tony

Hi All,

    I have 56 groups and now I have to create sharing rules between these groups for 4 objects, so that means in total I have to create 224 rules. Is there any easy way to do this?

 

If your web-application allows users to upload custom HTML and Javascript content (email templates, custom sites, attachments, etc.), you must ensure that adequate protections are in place to prevent users from launching XSS attacks (privilege escalation, data-leakage, cookie theft, etc.) against other users of the application. Additionally, if your application is vulnerable to CSRF, the attacks can be carried out by malicious (unauthenticated) users. 


There are a number of different approaches that can be taken to address this security concern:


1) Alternate domain (Recommended)
Let’s say cookies are scoped to https://app.site.com.  Even if customers can upload arbitrary content, you can always serve the content from an alternate domain that is outside of the scoping of any trusted cookies (session cookies and other sensitive information).  As an example, pages on https://app.site.com would reference customer-uploaded HTML templates as IFRAMES using a link to https://content.site.com/cust1/templates?templId=13&auth=someRandomAuthenticationToken

The authentication token would substitute for the session cookie since sessions scoped to app.site.com would not be sent to content.site.com.  This is exactly the method that salesforce.com uses for our content product.

2) Alternate syntax
Some products, like wikis, have an alternate syntax that can be used by clients to indicate particular markup and formatting.  This allows clients to format content without directly using HTML.  Server-side rendering is done to translate the non-HTML markup into safe HTML.  Many WYSIWYG editors support such alternate markup syntax.

3) Whitelisting
The last option that I’m aware of is to “sanitize” HTML input from users.  Basically, you maintain a whitelist of allowed tags, the allowed attributes for each tag, and validation/transform routines for each attribute and each tag.  HTML sanitization can be very complicated and this technique becomes heavily browser dependent.   You also have other practical problems like the handling of invalid and unparsable HTML.

The best example of this technique in the wild is Gmail.  I’d suggest sending an HTML email containing every possible HTML tag, each with every possible HTML attribute, to a Gmail account and reviewing the changes that Gmail makes on the HTML delivered to the user.   You’ll see that there is a significant amount of logic that goes into sanitizing HTML.  It is a hard problem to fix correctly.
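
A sketch of approach 1 above, added here as an illustration and not code from the original post or from salesforce.com: the app domain mints a short-lived token for the IFRAME URL, and the content domain authorizes the request from the URL alone, with no cookie involved. The HMAC-signed expiring token (used here in place of a stored random token), the key, the response headers and the function names are assumptions.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import parse_qs, urlencode, urlparse

CONTENT_ORIGIN = "https://content.site.com"  # cookie-less domain from the post
SECRET = b"constructed-demo-key"  # assumption: key shared by app and content servers

# Assumed hardening for responses from the content domain: the token travels in
# the URL, so keep it out of Referer headers and shared caches.
CONTENT_HEADERS = {"Referrer-Policy": "no-referrer", "Cache-Control": "private, no-store",
                   "X-Content-Type-Options": "nosniff"}

def _sign(cust, templ_id, expires):
    # JSON gives an unambiguous encoding of the three bound fields.
    msg = json.dumps([str(cust), str(templ_id), int(expires)]).encode()
    mac = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).rstrip(b"=").decode()

def mint_template_url(cust, templ_id, ttl=60, now=None):
    """Run on app.site.com when it renders the IFRAME src for a template."""
    expires = int(time.time() if now is None else now) + ttl
    token = f"{expires}.{_sign(cust, templ_id, expires)}"
    query = urlencode({"templId": templ_id, "auth": token})
    return f"{CONTENT_ORIGIN}/{cust}/templates?{query}"

def authorize_request(url, now=None):
    """Run on content.site.com; decides from the URL alone, never from cookies."""
    parts = urlparse(url)
    segments = parts.path.strip("/").split("/")
    if len(segments) != 2 or segments[1] != "templates":
        return False
    query = parse_qs(parts.query)
    try:
        templ_id = query["templId"][0]
        exp_text, sig = query["auth"][0].split(".", 1)
        expires = int(exp_text)
    except (KeyError, ValueError):
        return False  # missing or malformed templId/auth parameter
    if expires < (time.time() if now is None else now):
        return False  # expired: a leaked URL stops working after ttl seconds
    # The signature covers customer, template and expiry, so a token issued
    # for one template cannot be replayed for another customer's content.
    expected = _sign(segments[0], templ_id, expires)
    return hmac.compare_digest(sig.encode(), expected.encode())
```

Because the token is bound to the customer and template in the path, changing either one in the URL invalidates it.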


 

 


Hi,

I'm planning to take the Salesforce Developer Certification (DEV 501). I have gone through the study materials. Can anyone provide certification dumps for DEV 501, so that I can be confident before going for the exam? The certification charges are quite high, so I want to clear it on the first attempt.

 

Thanks & Regards

Shailu

  • April 06, 2011

I need to use delegated authentication to enable single sign-on (SSO) when going between our server in the DMZ and SFDC.

  1. How will the secure channel be established between SFDC and our DMZ server? (We propose a VPN solution.)
  2. If it is through HTTPS, let us know what needs to be done from our side.
  3. As per our policy, we will not publish our server to the outside world. (NATing)
  4. Does a trusted certificate have to be applied on our server? Who will provide us the trusted certificate?
  5. As per the architecture of SFDC, there are load balancers placed in front of the servers, so why is it required to whitelist the mentioned range of 512 IPs in the firewall?

Please let us know about the mentioned concerns so that we have the best solution and secure connectivity.

Get salesforce best practices here :

 

Secure Salesforce

 

You can follow us and comments/queries are invited.

We want to completely separate two companies within our Salesforce. Before, the two companies were under one name, but now they have been divided into two, so they should not be able to see each other's data anymore.

 

Our situation is as follows:

1. Organisation

2. Director

3. Company 1

3. Company 2

 

In this situation both companies can see each other's data, but we want to completely separate them. As we can't create two Organisations, in some way we have to configure it so that they are separated and don't see the data.

Does anybody know how to configure this? Probably it's not only in the Role hierarchy, I assume?

 

Thanks in advance

 

 

Has there been any movement on this front? I knew some years back there were some teams in SFDC looking into this item, but I'm not sure where it went or if there is a feature that supports this.

 

Basic use case is on search and in other areas of record ownership change - do not want user to see other users of different teams and countries, and prevent them from re-assigning records outside their set scope of user management for that task, or search. 

 

I know we can do filtered lookups and that does achieve it in some cases but not on things like account wizard changes nor on the search screen etc..

 

 

Hi,

 

I am the admin of an instance that is in production. I am unable to log in. I can get the password using the forgot password option, but I don't want to reset that password because this instance is integrated with another application, which is why I am unable to reset my password. I used that password in the integration, so if I reset the password the integration will automatically collapse.

Please advise me, any one of you, with a solution immediately.

 

Thank you

krish

My Salesforce app calls out to my own external web service. The documentation says to use the user ID and session ID to authenticate and identify users from an external service. Specifically, you're supposed to put the user and session IDs in the web request then have your service call back through the Force.com API to check that the user has an active session and has been authenticated.

 

I get the idea but there is no example or further explanation. HOW is that done with the API? WHAT API methods are used?


I wanna share all kinds of records among the users with the same role.

But I hate to create sharing rules for each object I have created.

Does anybody know if there is any easy way to make it happen?

Thanks in advance.

Regards,

Altantis

Hi,

 

I want to create one site using customer portal where I want to generate passwords myself and then send them to the customer. The customer should not receive this from Salesforce.

 

Regards,

Mktg

  • October 30, 2010

I've created a custom object that stores data for a record, including its location (via latitude/longitude). I need to add this for a number of standard records including Leads, Contacts and Accounts. I'd like this in a single object for performance reasons. For example, now I can query what standard records are in a given area in a single query rather than querying each of Leads, Accounts, Contacts etc. separately.

 

Conceptually, I'm looking for the equivalent of a master detail relationship to my custom object. However, I had to implement this as a lookup relationship as master-detail isn't supported for all records (e.g. can't have a master detail relationship from Leads to my Custom object). To this end, I had to implement my own triggers, e.g. to delete row in the custom object if the "parent" is deleted. 

 

As I mentioned, I'd like to make a single query to my custom object from Apex rather than make a bunch of queries to the parent records. However, now I'm concerned about security - that a user can get back records that they otherwise wouldn't have permission to. Is there any way to grant a row being inserted in my custom object the exact same permissions as on a "parent" object (I have access to the parent SObject when I'm inserting the custom object record)? Are there big gotchas in this approach (e.g. that permissions on the parent object could change and not ripple through)?

 

 

  • July 09, 2010

In preparation for the Force.com AppExchange Security Review (see e.g. Requirements Checklist) I have been trying to write unit tests for my application's CRUD security and FLS logic.

 

The two tests below demonstrate the problem that I have got stuck on. System.runAs can have an impact on the describe call result as isUpdateable is false in the first test class and true in the second. But the first obtained describe data remains cached both within a test method and across the whole test class.

 

I'm looking for suggestions on how to write CRUD security and FLS tests given this unexpected behavior.

 

Thanks, Keith

 

@isTest
private class DescribeFalseTest {

    @isTest
    static void testOne() {
    
        // Observed bizarre behavior: if first call is false rest will be false
        System.runAs(readOnlyUser()) {
            System.assertEquals(false, Account.SObjectType.getDescribe().isUpdateable());
        }

        System.assertEquals(false, Account.SObjectType.getDescribe().isUpdateable());
    }

    @isTest
    static void testTwo() {

        System.assertEquals(false, Account.SObjectType.getDescribe().isUpdateable());
        
        System.runAs(readOnlyUser()) {
            System.assertEquals(false, Account.SObjectType.getDescribe().isUpdateable());
        }
    }
    
    private static User readOnlyUser() {

        Profile p = [select Id, Name from Profile where Name = 'Read Only'];
        User u = new User(
            UserName = 'test-user@test-company.com',
            FirstName = 'Test-First-Name',
            LastName = 'Test-Last-Name',
            Alias = 'test',
            Email = 'test-user@test-company.com',
            EmailEncodingKey = 'UTF-8',
            LanguageLocaleKey = 'en_US',
            LocalesIdKey = 'en_US',
            TimezonesIdKey = 'America/Los_Angeles',
            ProfileId = p.Id
            );
        insert u;
        return u;
    }
}

 

@isTest
private class DescribeTrueTest {

    @isTest
    static void testOne() {
    
        // Observed bizarre behavior: if first call is true rest will be true
        System.assertEquals(true, Account.SObjectType.getDescribe().isUpdateable());
        
        System.runAs(readOnlyUser()) {
            System.assertEquals(true, Account.SObjectType.getDescribe().isUpdateable());
        }
    }

    @isTest
    static void testTwo() {

        System.runAs(readOnlyUser()) {
            System.assertEquals(true, Account.SObjectType.getDescribe().isUpdateable());
        }

        System.assertEquals(true, Account.SObjectType.getDescribe().isUpdateable());
    }
    
    private static User readOnlyUser() {

        Profile p = [select Id, Name from Profile where Name = 'Read Only'];
        User u = new User(
            UserName = 'test-user@test-company.com',
            FirstName = 'Test-First-Name',
            LastName = 'Test-Last-Name',
            Alias = 'test',
            Email = 'test-user@test-company.com',
            EmailEncodingKey = 'UTF-8',
            LanguageLocaleKey = 'en_US',
            LocalesIdKey = 'en_US',
            TimezonesIdKey = 'America/Los_Angeles',
            ProfileId = p.Id
            );
        insert u;
        return u;
    }
}

 
