why are visualforce pages served in different domain?

January 4, 2018
·
Like
0
·
Follow
2

Best Answer chosen by swapna muthiyalu

Rajiv Penagonda 12
Simple answer - Security. Salesforce wants to keep tight control over what is customizable and what is not. Consider an example of a Visual force page running within your standard page-layout. If it runs in the same domain, the scripts in the VF page will be able to access the scripts on the standard page-layout and will be able to manipulate it.

As a matter of fact there used to be a side-bar hack where users could run scripts from side-bar and manipulate standard pages, which has since been disabled by ensuring all scripts and vf pages run in a different domain. Was this an interview question you had to face? :P

January 4, 2018
·
Like
2
·
Dislike
0

This was selected as the best answer

swapna muthiyalu
Thank you so much Rajjiv. Yes its an interview question..

January 4, 2018
·
Like
0
·
Dislike
0

Anmol Kumar 24
I wish they had maintained the consistency and served the lightning components/LWC from the same domain as vf page.
because you cannot use vf inside lightning components with click-jack enabled.

May 16, 2019
·
Like
0
·
Dislike
0

You need to sign in to do that.

Need an account? Sign Up

Have an account? Sign In

Dismiss

Browse by Topic

Welcome to Support!

Show

sorted by

why are visualforce pages served in different domain?

All Answers

You need to sign in to do that.