Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Tagged: AJAX Toolkit, Apex API, Global Variable, Javascript Code, Login, Password, Salesforce Security, Salesforce Visualforce Page, Session Variable, Username

Salesforce® Discussions

Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Posted by Aman on September 22, 2018 at 6:41 PM

In Ajax toolkit for custom Javascript button, you have to explicitly login to API because global Session variable is not available. In that case it is security vulnerable because anybody logged in can see the javascript code and your username and password. So is there any way to avoid this?

Parul replied 7 years, 7 months ago 3 Members · 2 Replies
2 Replies

shariq

Member
September 22, 2018 at 6:42 PM

We can create a visualforce page with output type as JavaScript. Global session variable is available in VF page. Initialize the global javascript variable in that VF page. include VF page as a javascript file and we are done!
[adinserter block='9']
Parul

Member
September 23, 2018 at 5:45 AM

Global session variable is available in VF page so when we create a visualforce page with output type as JavaScript first initialize the global javascript variable in that VF page and then include VF page as a javascript file I think then it avoided.

Popular Salesforce Blogs

How to Use Wrapper Class In Salesforce Lightning Component?

Blog in Lightning, Salesforce Implementation

How to Use Wrapper Class In Salesforce Lightning Component? A wrapper or container class is a class, a data structure, or an abstract data type…

Implement Salesforce Lightning, Salesforce Lightning Component, Salesforce Lightning Experience, Wrapper Class, Wrapper Class in Lightning Component

Aman Apr 9, 2018

23,534 Views

Salesforce Announced Life Science Cloud | Briefly Explained

Blog in Others

Salesforce Life Science Cloud is a trusted secure platform for pharmaceutical (pharma) and medical technology (MedTech) organizations to help them accelerate drug and device development,…

Availability, Chain of Custody Management, Clinical operations, Clinical Trial Journey, Cloudmetic

Cloudmetic Nov 20, 2023

1,215 Views

noKodr as Rapid Prototype Solution to Business in 2024

Blog in Salesforce Admin

Introduction In today's fast-paced world, businesses need to quickly validate their ideas and concepts before investing significant time and resources into development. This is where…

Benefits, Communication, CRM, Design Process, Development Process

noKodr May 3, 2024

882 Views

Creation Of An Object In Salesforce | Salesforce Custom Objects

Video in Salesforce Training

In this video, you will learn how to create a custom object in Salesforce, along with verification of the custom object in Salesforce. The following…

Salesforce Training, Salesforce Tutorial, salesforce, Salesforce Custom Objects, Salesforce Learning

Algoworks Sep 24, 2021

2,644 Views

Simplify Case Management in Salesforce With Email-to-Case Advance

Video in Salesforce Products

While Email-to-Case is one of the most widely used features in Salesforce Service Cloud, its limited functionalities may hold you back. At Grazitti, the Salesforce…

Salesforce Training, Salesforce Tutorial, Salesforce Service Cloud, salesforce, Salesforce Video

Sushmita Mehta Jan 18, 2022

2,803 Views

Marc Benioff talks Salesforce - AT&T deal, office health safety and online media regulation

Video in Salesforce Stories

Salesforce’s Customer 360 will enable AT&T to deliver highly-tailored customer experiences seamlessly across retail, marketing, online, business, and more. AT&T will utilize Salesforce’s entire portfolio…

salesforce, Salesforce Einstein, Salesforce Video, Sales Cloud, Tableau