training articles

feature releases

Recommendation Solutions

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Protect against clickjack attacks and allow framing on trusted external domains. Standard headers are disabled when the showHeader attribute is set to false.

Protection against clickjack attacks is disabled for customer VisualForce pages with headers disabled.

Enable clickjack protection for Setup pages.

Protection against clickjack attacks is disabled for Setup pages.

Enable SMS method for device activation.

SMS method is disabled for device activation.

Lock sessions to the domain in which they were first used.

Sessions are not restricted to initiating domain.

Beta packages have severe limitations.

Package is a Beta.

Remove redirects to user-controlled locations.

Apex class contains redirects to user-controlled locations.

Ensure values from URL parameters are properly escaped/sanitized.

Apex class contains unsanitized URL parameters.

Review calls to dangerous methods.

Apex class contains dangerous methods.

Update code susceptible to SOQL injection.

Apex class contains untrusted/unescaped variables in DML queries.

Review profiles with "Modify All".

Profile has “Modify All” permission and is not the native System Administrator profile.