You need to sign in to do that
Don't have an account?
Amit Singh 1
JavaScript of any type is not allowed to run within the Salesforce.com application context. This includes JavaScript blocks within HomePageComponents, WebLinks, Custom buttons and all other components that are run under the Salesforce DOM.
Hi Folks,
My app failed the security review. I am using a javascript custom button and I already had used JSENCODE function. Below is my code that has been provided by the Salesforce security team.
Please let me know where and what I am doing wrong. Any help will be greatly appreciated.
Thanks,
Amit Singh
My app failed the security review. I am using a javascript custom button and I already had used JSENCODE function. Below is my code that has been provided by the Salesforce security team.
Issue Description JavaScript of any type is not allowed to run within the Salesforce.com application context. This includes JavaScript blocks within HomePageComponents, WebLinks, Custom buttons and all other components that are run under the Salesforce DOM. Finding 1 of 1 File objects\Invoice__c.object Code <protected>false</protected> <url>{!REQUIRESCRIPT("/soap/ajax/38.0/connection.js")} {!REQUIRESCRIPT("/soap/ajax/38.0/apex.js")} if("{!JSENCODE(Opportunity.Client_ID__c)}"==""){ alert('Opportunity related to this Invoice must be a Client Entity into Freshbooks.'); }else if("{!JSENCODE(Account.Account_Id__c)}"==""){ alert('Opportunity related to this Invoice must be associated with a valid Freshbooks Business Entity/Account.'); }else if("{!JSENCODE(Opportunity.Email__c)}"==""){ alert('Opportunity related to this Invoice can not have a blank Email address.'); }else { var result = sforce.apex.execute("Freshbook.syncInvoiceControllerNew","getInvoiceDetails",{invoiceId:"{!JSENCODE(Invoice__c.Id)}",isClassic:true}); if(result[0].Freshbook__Synched__c){ alert('Invoice Synced Successfully.'); location.reload(true); }else{ alert('Error Occured while Syncing the Invoice with freshbooks.'); } }</url> File Opportunity.object Code <url>{!REQUIRESCRIPT("/soap/ajax/38.0/connection.js")} {!REQUIRESCRIPT("/soap/ajax/38.0/apex.js")} if ("{!JSENCODE($Setup.Freshbooks_App_Credentials__c.Authentication_URL__c)}" == "" || "{!JSENCODE($Setup.Freshbooks_App_Credentials__c.Client_Id__c)}" == "" || "{!JSENCODE($Setup.Freshbooks_App_Credentials__c.Client_Secret__c)}" == "" || "{!JSENCODE($Setup.Freshbooks_App_Credentials__c.SFBaseURL__c)}" == "" || "{!JSENCODE($Setup.Freshbooks_App_Credentials__c.Base_URL__c)}" == "" || "{!JSENCODE($Setup.Freshbooks_App_Credentials__c.Access_Token__c)}" == "" || "{!JSENCODE($Setup.Freshbooks_App_Credentials__c.Refresh_Token__c)}" == "") { alert('1 or more fields in the Custom Setting are null'); } else { if ("{!JSENCODE(Opportunity.Email__c)}" == "") { alert('Opportu File Payment__c.object Code <openType>onClickJavaScript</openType> <protected>false</protected> <url>{!REQUIRESCRIPT("/soap/ajax/36.0/connection.js")} {!REQUIRESCRIPT("/soap/ajax/36.0/apex.js")} if("{!(Payment__c.Payment_Date__c)}"==null || "{!(Payment__c.Payment_Date__c)}"==''){ alert('Payment Date can not be null'); } else{ if("{!JSENCODE(Payment__c.Account_Id__c)}"!=null) { var result=sforce.apex.execute('Freshbook.syncPaymentController','getPaymentRecord',{paymentId:'{!JSENCODE(Payment__c.Id)}', isClassic:true}); if(result[0].Freshbook__Synched__c){ alert('Payment successfully Synched.'); location.reload(true); } else{ alert('Err Notes Please don't write javascript in object files
Please let me know where and what I am doing wrong. Any help will be greatly appreciated.
Thanks,
Amit Singh
I fixed the issue using the VF page as alternative of JavaScript. :)
All Answers
I fixed the issue using the VF page as alternative of JavaScript. :)
As I mentioned, I used a VF page and then handled everything there