Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Tagged: AJAX Toolkit, Apex API, Global Variable, Javascript Code, Login, Password, Salesforce Security, Salesforce Visualforce Page, Session Variable, Username

Salesforce® Discussions

Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Posted by Aman on September 22, 2018 at 6:41 pm

In Ajax toolkit for custom Javascript button, you have to explicitly login to API because global Session variable is not available. In that case it is security vulnerable because anybody logged in can see the javascript code and your username and password. So is there any way to avoid this?

Parul replied 6 years, 1 month ago 3 Members · 2 Replies
2 Replies

shariq

Member
September 22, 2018 at 6:42 pm

We can create a visualforce page with output type as JavaScript. Global session variable is available in VF page. Initialize the global javascript variable in that VF page. include VF page as a javascript file and we are done!
Parul

Member
September 23, 2018 at 5:45 am

Global session variable is available in VF page so when we create a visualforce page with output type as JavaScript first initialize the global javascript variable in that VF page and then include VF page as a javascript file I think then it avoided.

Popular Salesforce Blogs

Resolution of Managed Packages - Salesforce DX Developer Guide

Blog in Others

Working with Salesforce DX for the resolution of managed packages: First, we create an org and enable the DX version in it that is DEVHUB.…

App Launcher, Developer Edition, Developer Org, Domain Name, DX Tools

Anuj Jun 11, 2020

6,260 Views

All You Need to Know About Dynamic SOQL Query

Blog in Others

Dynamic SOQL (Structured Query Language) queries are a powerful tool for querying and manipulating data in Salesforce. Unlike static SOQL queries, which are written directly…

Access level, Additional methods, Apex Code, Batch Apex, Bind variable map

Rahul Jul 25, 2023

2,458 Views

Here's How You Can Ease Operations for Your Non-Profit Organization: With a Salesforce Customer Portal

Blog in Salesforce

Salesforce's powerful customer portals give you the tools to keep your organization running efficiently and provide your members, donors, and customers with more self-service and…

accounting systems, Campaign Management, Client-focused Communications, Cloud-based Software, Colour-coded Calendars

CRMJetty Dec 20, 2022

2,224 Views

Before Delete Trigger in Salesforce Flows - Winter '21 update

Video in Salesforce Training

In this video, I'm talking about one of the new features of the Salesforce Winter '21 flow builder i.e is before delete trigger. Watch and…

Salesforce Training, Salesforce Tutorial, Salesforce Video, Salesforce Learning, Flow Builder

Shubham Jan 22, 2021

3,147 Views

Salesforce Platform Quick Tip: How to Use Einstein Search

Video in Salesforce Training

Want to improve your searches in Salesforce, and make them faster and more intuitive? In part one of this 2 part series, Trailblazer and Salesforce…

Salesforce Training, Salesforce Tutorial, Salesforce Administrator, salesforce platform, Salesforce Einstein

Prafull Oct 22, 2021

1,537 Views

Case Study: Connecting Ferries with Salesforce IoT Explorer

Video in Salesforce Integration

The data that Salesforce IoT Explorer brings to the table helps businesses take real-time business decisions that translates into better customer service. Salesforce, in its…

Salesforce Integration, Salesforce Data Management, Learn Salesforce, Customer Success, TrailheaDX