+ Start a Discussion
Nisar AhmedNisar Ahmed 

inputText_Ignoring_FLS Issue in Security Scanner

Hi All,

I am unable to overcome the error 'inputText_Ignoring_FLS' for the below statement which I have used in a VF page.
<apex:inputText id="name" value="!CustomerFirstName}" styleClass="dropdown1"</apex:inputText>

I have tried the rendered attribute as given in the developerforce document (link below) and an example which I have tried.
http://wiki.developerforce.com/page/Enforcing_CRUD_and_FLS
Eg.,
<apex:inputText  id="name"  value="!CustomerFirstName}"  styleClass="dropdown1"
                    rendered="{!$ObjectType.Appointment__c.Fields.Customer_Name__c.createable}" >
</apex:inputText>

I am using Apex property in the controller for some reason, hence inputText in the VF page.

Is there any way on how to overcome this issue using apex:inputText only(but not apex:inputField) in the page.
Any help will be highly appreciated.

Regards,
Nisar Ahmed
aalbertaalbert
Is the Vf compilation throwing that error? Or the security scanner report is stating that Ignore FLS error message?
Nisar AhmedNisar Ahmed
Hi aalbert,

The security scanner report is stating the "inputText_Ignoring_FLS" error message.
rsussland1.3941454521432693E12rsussland1.3941454521432693E12
Hi Nisaar,

Yes, this is a false positive. As the automatic scanner is not aware of the render tag, this pattern is susceptible to positives.