function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
atifuddinatifuddin 

I received an failure after submitting to security review process

I received an failure after submitting to security review process .

How to fix this error do i need to include https tag in the script to get ride of this error..

Insecure Remote File Include Vulnerability

References to all external endpoints, javascripts, and web resources of any kind should use https if the endpoint supports it. By including mixed content into the page, the client requests that object in cleartext, allowing an attacker to exploit the connection between the client and the unencrypted server and inject malicious content into the context of the encrypted page.

More Info at http://wiki.developerforce.com/index.php/Secure_Coding_Secure_Communications

File

./components/deliverymapcomponent.component:71

Code

 <script type="text/javascript" src="http://maps.googleapis.com/maps/api/js?key=AIzaSyDFxthv0GaBMiiIezGsuFq_MHbfNSyTOXg&sensor=false"></script>
SamuelDeRyckeSamuelDeRycke

Going by the error message, doesn't it work to make it https ? the file is accesible over https.

 

https://maps.googleapis.com/maps/api/js?key=AIzaSyDFxthv0GaBMiiIezGsuFq_MHbfNSyTOXg&sensor=false
atifuddinatifuddin
Thanks,
I received the mail that i didn't pass the security review process due to some issues.The file of 
which they have forward shows me only one vulneral attack.which was Https issue.
Just I want to confirm that ,If I clear of this error than  am I done with security review process. 
SamuelDeRyckeSamuelDeRycke

I haven't personally done that security review process, I can't confirm that my suggestion will get you through that. But it is what I would try :p. I'm somewhat of a trail-error developer.