Insecure Processing of Data
This category covers the following issues:
Cross-Site Scripting (XSS)
Why is this important?
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise trusted websites. XSS attacks allow attackers to target legitimate users of a web application by sending malicious script code to them.
Fixing Cross-Site Scripting
Option A: Enable escaping for addError()
- Go through the issues that GuardRails identified in the PR.
- Look for patterns like this:
public without sharing class Foo {
    public static void validate(String vulnerableHTMLGoesHere) {
        // escape = false: the message is rendered as raw HTML in the UI
        Trigger.new[0].addError(vulnerableHTMLGoesHere, false);
    }
}
- And ensure that escaping is enabled, or that the input is safe.
public without sharing class Foo {
    public static void validate(String vulnerableHTMLGoesHere) {
        // escape = true: HTML special characters in the message are escaped before rendering
        Trigger.new[0].addError(vulnerableHTMLGoesHere, true);
    }
}
- Test it
- Ship it 🚢 and relax 🌴
Option B: Perform output encoding
- Go through the issues that GuardRails identified in the PR.
- Look for patterns like this:
public without sharing class Foo {
    // User-controlled request parameter used without any encoding
    String unescapedstring = ApexPages.currentPage().getParameters().get('url_param');
    String usedLater = unescapedstring;
}
- And ensure that the values are properly escaped/sanitized:
public without sharing class Foo {
    String unescapedstring = ApexPages.currentPage().getParameters().get('url_param');
    // HTML-encode the parameter before it reaches any page output
    String escapedstring = ESAPI.encoder().SFDC_HTMLENCODE(unescapedstring);
    String usedLater = escapedstring;
}
- Test it
- Ship it 🚢 and relax 🌴
Open Redirect
Why is this important?
Open Redirects allow attackers to redirect legitimate users to an attacker-controlled location. This is typically used to make phishing attacks more successful.
Fixing Open Redirects
Option A: Avoid dynamic values in redirects
- Go through the issues that GuardRails identified in the PR.
- Look for patterns like this:
public without sharing class Foo {
    // User-controlled request parameter passed straight into a redirect target
    String unsafeLocation = ApexPages.currentPage().getParameters().get('url_param');
    PageReference page() {
        return new PageReference(unsafeLocation);
    }
}
- Ensure that the location is either static, or the user input is sanitized.
- Test it
- Ship it 🚢 and relax 🌴
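As an added example (not code from the GuardRails page), the following controller shows the "sanitize the user input" branch of the fix above: the requested target is accepted only if it is a site-local path on a constructed allowlist, and every other value falls back to a fixed landing page. The class, method and page names are assumptions for illustration.

```apex
// Added example: a redirect that never leaves the current site.
public with sharing class SafeRedirectController {
    // Constructed allowlist of pages this controller may send users to.
    private static final Set<String> ALLOWED_PATHS = new Set<String>{
        '/apex/Home', '/apex/Dashboard'
    };
    private static final String DEFAULT_PATH = '/apex/Home';

    // Returns true only for a path-only target whose path is on the allowlist.
    public static Boolean isSafeLocalPath(String target) {
        if (String.isBlank(target)) return false;
        // Reject scheme-relative ("//evil.example") and backslash variants
        // that browsers may normalise into an external host.
        if (target.startsWith('//') || target.startsWith('/\\')) return false;
        // Anything that is not a relative path is rejected, which also
        // covers absolute URLs and "javascript:" style schemes.
        if (!target.startsWith('/')) return false;
        // Compare the path portion only; a query string is still allowed.
        String path = target.split('\\?', 2)[0];
        if (path.contains(':')) return false;
        return ALLOWED_PATHS.contains(path);
    }

    // Resolve the final redirect target, falling back to the default page.
    public static String resolveTarget(String requested) {
        return isSafeLocalPath(requested) ? requested : DEFAULT_PATH;
    }

    public PageReference page() {
        String requested = ApexPages.currentPage().getParameters().get('url_param');
        PageReference ref = new PageReference(resolveTarget(requested));
        ref.setRedirect(true);
        return ref;
    }
}
```

With this allowlist, `/apex/Dashboard?tab=1` is redirected to as requested, while `https://evil.example`, `//evil.example` and `/apex/Unknown` all land on `/apex/Home`.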