Salesforce CRM:The Definitive Admin Handbook(Third Edition)
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

Clickjack protection

Clickjacking is a malicious technique of fooling a web user into clicking on something different from what the user intended and often takes the form of embedded code or script that executes without the user's knowledge, for example, when clicking on a button or concealed link that then performs another function. There are various features that can be used to set clickjack protection as per the upcoming sections.

Enable clickjack protection for setup pages

The Enable clickjack protection for setup pages option adds security to help guard against clickjack attacks on setup Salesforce pages.

Note

This option is enabled by default and can only be disabled by sending a request to salesforce.com support.

Enable clickjack protection for non-setup Salesforce pages

The Enable clickjack protection for non-setup Salesforce pages option adds security to help guard against clickjack attacks on non-setup Salesforce pages.

Note

This option is enabled by default and can only be disabled by sending a request to salesforce.com support.

Enable clickjack protection for non-setup customer Visualforce pages

The Enable clickjack protection for non-setup customer Visualforce pages option protects against clickjack attacks on your custom Visualforce pages. The effect of this is that Visualforce pages in a page layout do not function when clickjack protection is on.

Note

Setting this will result in custom Visualforce pages within a frame or iframe that is no longer working as intended; you might see a blank page or the page might get displayed without the frame.

本周热推:
利用Python进行数据分析(原书第3版)我的第一本算法书Scala编程(第4版)数据结构习题解析与实验指导C语言编程兵书
上一章目录下一章