Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Tagged: AJAX Toolkit, Apex API, Global Variable, Javascript Code, Login, Password, Salesforce Security, Salesforce Visualforce Page, Session Variable, Username

Salesforce® Discussions

Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Posted by Aman on September 22, 2018 at 6:41 PM

In Ajax toolkit for custom Javascript button, you have to explicitly login to API because global Session variable is not available. In that case it is security vulnerable because anybody logged in can see the javascript code and your username and password. So is there any way to avoid this?

Parul replied 7 years, 4 months ago 3 Members · 2 Replies
2 Replies

shariq

Member
September 22, 2018 at 6:42 PM

We can create a visualforce page with output type as JavaScript. Global session variable is available in VF page. Initialize the global javascript variable in that VF page. include VF page as a javascript file and we are done!
Parul

Member
September 23, 2018 at 5:45 AM

Global session variable is available in VF page so when we create a visualforce page with output type as JavaScript first initialize the global javascript variable in that VF page and then include VF page as a javascript file I think then it avoided.

Popular Salesforce Blogs

ContentDocument and ContentVersion in Salesforce - An Overview

Blog in Salesforce

Salesforce provides a world of standard objects and relationships among them. All the standard objects have their layouts, functionalities and many settings which make them…

API, Content Document Link, Content Version, CRM, Salesforce

Anjali Mar 24, 2020

39,165 Views

Scaling up Sales Team: How Salesforce Sales Cloud Implementation Can Help Small Businesses

Blog in Salesforce

When it comes to running a small growing business, the business owners and employees have to wear multiple hats. And, with more and more companies…

Business Landscape, Business Solutions, Centralized Data View, Collaboration, Compliance

Carol Mar 7, 2024

851 Views

Salesforce Governor Limits - Cheatsheet

Blog in Salesforce Tutorial

Salesforce a CRM has there own limitation on the usage of resources which are actually based upon separate editions and these editions have there own governor…

Cheatsheet, Salesforce Developer Edition, Salesforce Editions, Salesforce Enterprise Edition, Salesforce governor limits

Archit Mar 29, 2018

28,137 Views

Top 10 Features of Salesforce | What is Salesforce | Salesforce Consulting Company

Video in Salesforce Development

A3logics offers World Class Salesforce Consulting services for your round-off Salesforce cycle from planning, consulting, integration, support, and administration services. We also offer Salesforce app…

Salesforce Consulting Company, salesforce, Salesforce Consulting, salesforce consulting services, #integration

A3Logics Feb 2, 2021

2,871 Views

How relationship works in Salesforce?

Video in Salesforce Development

In this video, following things have been explained: How to create relationships in Salesforce? What is the need of relationship between two objects in Salesforce?…

Salesforce Data, Many to Many Relationship, Salesforce Object Relationships, Salesforce Relationships

Prafull Nov 1, 2018

2,305 Views

Introduction to Salesforce Einstein OCR

Video in Salesforce Einstein

In this session, we will learn about Einstein OCR and Create/Update Leads and Contacts using Business Cards. Let’s welcome an amazing #Summer20 release gem –…

Salesforce Training, salesforce, Salesforce Einstein, Salesforce Video, REST API

Jogender Aug 13, 2020

2,488 Views

Anyone logged in to API can see the javascript code, your username and password - how to avoid this in Salesforce?

Popular Salesforce Blogs

Popular Salesforce Videos