Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Tagged: AJAX Toolkit, Apex API, Global Variable, Javascript Code, Login, Password, Salesforce Security, Salesforce Visualforce Page, Session Variable, Username

Salesforce® Discussions

Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Posted by Aman on September 22, 2018 at 6:41 PM

In Ajax toolkit for custom Javascript button, you have to explicitly login to API because global Session variable is not available. In that case it is security vulnerable because anybody logged in can see the javascript code and your username and password. So is there any way to avoid this?

Parul replied 7 years, 5 months ago 3 Members · 2 Replies
2 Replies

shariq

Member
September 22, 2018 at 6:42 PM

We can create a visualforce page with output type as JavaScript. Global session variable is available in VF page. Initialize the global javascript variable in that VF page. include VF page as a javascript file and we are done!
Parul

Member
September 23, 2018 at 5:45 AM

Global session variable is available in VF page so when we create a visualforce page with output type as JavaScript first initialize the global javascript variable in that VF page and then include VF page as a javascript file I think then it avoided.

Popular Salesforce Blogs

Increase your sales and boost your profits with the power of QuickBooks and Salesforce

Blog in Salesforce

Today’s digital-savvy and well-informed customers demand superlative and personalized customer service from every brand they interact with. They expect brands to know their preferences and…

AWS, Bookkeeping, Business, CRM, CRM Platform

SaaSnic Aug 4, 2020

2,523 Views

Requirements for Approval Process in Salesforce - All You Need to Know

Blog in Others, Salesforce

Requirements for Approval Process For what object? What criteria do we need to define for a record which needs an approval process? Define Approver. Will…

Approval Process in Salesforce, Case Opportunity, Define Approver, Field Update, Final Approval Actions

Deepak Dec 3, 2020

6,689 Views

AI and Salesforce: How Artificial Intelligence is Shaping CRM

Blog in AI and ML

Have you ever noticed how quickly technology disrupts the way we do things? Remember flipping through spreadsheets to find customer information? Just like that, traditional…

Artificial Intelligence, Business Growth, CRM Integration, Customer Experience, Customer Insights

Cyntexa Jul 26, 2024

718 Views

Learn Apex Triggers Part 2 in Salesforce Development

Video in Salesforce Training, Salesforce Development

In this video, we will learn about Apex Triggers in Salesforce development: We'll will be discussing the following things in this video: 1. What are…

Salesforce Development, Salesforce Apex, Apex Class, salesforce, Salesforce Video

Pooja Apr 23, 2020

2,008 Views

Fireside Chat with Arundhati Bhattacharya, CEO Salesforce India

Video in Others, Salesforce Stories

Meet the new Chairperson and CEO of Salesforce India Arundhati Bhattacharya. Tasked with further leading our growth and expansion throughout the country, Arundhati will be…

Salesforce Video, Salesforce Customers, Salesforce Interview, Arundhati Bhattacharya, Salesforce chat

Nauman Jul 17, 2020

1,731 Views

Salesforce Development Master Training | Salesforce Development Course

Video in Salesforce Training, Salesforce Development

Shrey Finally launched the most awaited Salesforce Development Master Training. Features of the course are: Learn Salesforce Development from Scratch with more than 100 on-demand…

Salesforce Training, Salesforce Tutorial, Salesforce Development, Salesforce Certification, salesforce

S2 Feb 8, 2022

2,773 Views

Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Popular Salesforce Blogs

Popular Salesforce Videos