Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Tagged: AJAX Toolkit, Apex API, Global Variable, Javascript Code, Login, Password, Salesforce Security, Salesforce Visualforce Page, Session Variable, Username

Salesforce® Discussions

Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Posted by Aman on September 22, 2018 at 6:41 pm

In Ajax toolkit for custom Javascript button, you have to explicitly login to API because global Session variable is not available. In that case it is security vulnerable because anybody logged in can see the javascript code and your username and password. So is there any way to avoid this?

Parul replied 6 years, 5 months ago 3 Members · 2 Replies
2 Replies

shariq

Member
September 22, 2018 at 6:42 pm

We can create a visualforce page with output type as JavaScript. Global session variable is available in VF page. Initialize the global javascript variable in that VF page. include VF page as a javascript file and we are done!
Parul

Member
September 23, 2018 at 5:45 am

Global session variable is available in VF page so when we create a visualforce page with output type as JavaScript first initialize the global javascript variable in that VF page and then include VF page as a javascript file I think then it avoided.

Popular Salesforce Blogs

Salesforce Record Manipulation Using Amazon Alexa

Blog in AI and ML, Salesforce, Salesforce integration

At first, let us discuss about Amazon Alexa! So what is Amazon Alexa? Amazon Alexa, known simply as Alexa, is a virtual assistant developed by…

Alexa, Alexa Skills, Alexa-enabled Device, amazon, Amazon Account

Sudarshana Apr 13, 2020

10,662 Views

Why You Should Consider Investing In Salesforce Lightning

Blog in Lightning

Salesforce thought of perhaps the greatest development a year ago, that is Salesforce Lightning. It is a keen instrument that encourages you to sell quicker,…

AppExchange Apps, Applications and Projects, Business, Classic to Lightning, Client Experience

Aditya Jun 29, 2021

3,011 Views

Salesforce Marketing Cloud Connect: Subscriber Key Migration

Blog in Marketing, Salesforce Cloud Platform

If you’ve decided to implement Marketing Cloud Connect in your organization, one of the first considerations will be how to handle Subscriber Keys from Sales or Service…

Automation Studio, Contact Builder, Custom Data Extension, Custom DE, Custom Email Preferences

DB Nov 10, 2020

2,729 Views

Salesforce Marketing Cloud Connector for UiPath

Video in Salesforce Products, Marketing, Salesforce Cloud Platform

This is a connector for Salesforce Marketing Cloud that allows you to work in the background with SFMC instance. watch this video and let us…

Salesforce Training, Marketing Automation, Salesforce Marketing Cloud, Salesforce Video, Salesforce Learning

Cristian Nov 19, 2020

1,401 Views

Enhance Not Divest your Investment in Salesforce

Video in Others

Here in a short Video Blog, Ian Moyse, Natterbox Sales Director and Sales Director of the year winner (Institute of Sales Management) talks to how…

Salesforce Tools, Salesforce Data, Sales Cloud, Salesforce VIdeos, Service Cloud

Ian Moyse Feb 10, 2020

1,679 Views

Salesforce On-Demand Administrator

Video in Salesforce Admin

Apphienz's On-demand Administrator delivers much more than the company's expectations. It is hands-on, makes the work easy, efficient and productive along with being available to…

Salesforce Training, Salesforce Admin, Salesforce Video, Salesforce Learning, Salesforce On-Demand Administrator