+ Start a Discussion
teachMeSFDCteachMeSFDC 

Help required for security Review

Hi all....

 

 

Can anyone tell me if there is any tool which can help our org in getting review on salesforce security. We are adding a a product on Appexchange and we want to review the security features before the package goes to Salesforce.

 

Is there any tool that would test the package.

 

Please let me know..

i would be really thankful...

sanjdevsanjdev

Hi,

 

Please go through the below link it will help you a lot.

 

http://www.tgerm.com/2011/07/salesforce-appexchange-security-review.html

 

Mark it as resolved if it helps you.

 

Sanj

Ulas KutukUlas Kutuk

At first upload your package here and check the result.

http://security.force.com/security/tools/forcecom/scanner    

( Friendly Reminder:Each controller need to use assert methods, and also remove all debug logs from your code,and you can not run or call  DML Operations in constructor) 


sfdcfoxsfdcfox

Not only can you not call DML in the constructor, you must also not call a DML in a method that will be called by an apex:page tag's action attribute:

 

<apex:page controller="myController" action="{!deleteRecord}">

In other words, you must not create a page that performs a DML action simply by being accessed by the user.