Secure Coding Guide
Version 53.0, Winter ’22
@salesforcedocs Last updated: July 21, 2021 © Copyright 2000–2021 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com, inc., as are other names and marks. Other marks appearing herein may be trademarks of their respective owners. CONTENTS
Chapter 1: Secure Coding Guidelines ...... 1
Chapter 2: Secure Coding Cross Site Scripting ...... 2
Chapter 3: Secure Coding SQL Injection ...... 32
Chapter 4: Secure Coding Cross Site Request Forgery ...... 40
Chapter 5: Secure Coding Secure Communications ...... 47
Chapter 6: Storing Sensitive Data ...... 52
Chapter 7: Arbitrary Redirect ...... 58
Chapter 8: Authorization and Access Control ...... 62
Chapter 9: Lightning Security ...... 67
Chapter 10: Marketing Cloud API Integration Security ...... 76
Chapter 11: Secure Coding PostMessage ...... 79
Chapter 12: Secure Coding WebSockets ...... 81
Chapter 13: Platform Security FAQs ...... 82
CHAPTER 1 Secure Coding Guidelines
This guide walks you through the most common security issues Salesforce has identified while auditing applications built on or integrated with the Lightning Platform. This guide takes into account that many of our developers write integration pieces with the Lightning Platform and includes examples from other web platforms such as Java, ASP.NET, PHP and Ruby on Rails. The Lightning Platform provides full or partial protection against many of these issues. It is noted when this is the case. Consider this to be an easy to read reference and not a thorough documentation of all web application security flaws. More details on a broader spectrum of web application security problems can be found on the OWASP (Open Web Application Security Project) site.
1 CHAPTER 2 Secure Coding Cross Site Scripting
What is it?
Cross-site scripting is a vulnerability that occurs when an attacker can insert unauthorized JavaScript, VBScript, HTML, or other active content into a web page viewed by other users. A malicious script inserted into a page in this manner can hijack the user’s session, submit unauthorized transactions as the user, steal confidential information, or simply deface the page. Cross-site scripting is one of the most serious and most common attacks against web applications today. XSS allows malicious users to control the content and code on your site — something only you should be able to do!!
Sample vulnerability
Consider a web application with a search feature. The user sends their query as a GET parameter, and the page displays the parameter in the page: Request: http://example.com/api/search?q=apples Response: “You searched for apples” For example, this could be done with the following Visualforce page:
An XSS attack could take place if the user were visiting another site that included the following code: