What is a best practice when passing query parameters from user interface to an apex controller?

B2B Commerce Developer V2 0 Comments

What is a best practice when passing query parameters from user interface to an apex controller?
A . Query parameters should be properly sanitized by using JSINHTMLENCODE within the VisualForce Page or Component.
B . String parameters should be trimmed using String.trim().
C . Query parameters should be passed only to Salesforce B2B Commerce classes that you are extending.
D . Query parameters should be stored on a backbone model prior to passing them to the server

Answer: A

Explanation:

A best practice when passing query parameters from user interface to an apex controller is to query parameters should be properly sanitized by using JSINHTMLENCODE within the VisualForce Page or Component. This function will encode any special characters in the query parameters to prevent cross-site scripting (XSS) attacks or SOQL injection attacks.

For example, ccrz.ccRemoteActions.getProducts(‘{!JSINHTMLENCODE(searchTerm)}’) will encode the searchTerm parameter before passing it to the apex controller.

Salesforce Reference: B2B Commerce and D2C Commerce Developer Guide, Security

Latest B2B Commerce Developer Dumps Valid Version with 79 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download B2B Commerce Developer PDF     B2B Commerce Developer Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments