Security Best Practices for Developers
As a B2C Commerce developer, use these security best practices to develop secure storefronts.
- Encryption and Cryptography
Salesforce B2C Commerce extends Salesforce-maintained cryptography libraries that enable you to safely encrypt, sign, and generate cryptographically strong tokens and secure random identifiers. Salesforce maintains industry standard compliance frameworks as noted on the B2C Commerce page on Salesforce's Trust Compliance website.
- Cross-Site Scripting
Cross-site scripting (XSS) lets attackers inject client-side JavaScript into a webpage viewed by a targeted user. To prevent malicious attacks through content manipulation, you must properly encode all user-provided content.
- Declarative Security via HTTP Headers
Declarative security controls are a strong line of defense against client browser-based attacks such as clickjacking, and they offer built-in browser protection against cross-site scripting (XSS). The OWASP Secure Headers Project describes HTTP response headers that your application can use to increase its security.
- Commerce Script Injection
Server script injection, or remote code execution, is a class of attack where maliciously crafted input is run in a privileged code execution context. This class of attack lets an attacker control the code executed on the server.
- Cross-Site Request Forgery
Every storefront contains some protected requests that require a high level of security protection. Authenticated shoppers who change their accounts or submit personal data to a server to complete an action typically perform these requests. Users expect that they alone make these requests, and only when they specifically initiate the request.
- Secret Storage
Storing and using secrets is one of the most sensitive actions taken by a developer to ensure the security of shopper information. A secret can be, but is not limited to, the following items.
- Using Hooks Securely
In Salesforce B2C Commerce, you can use hooks as a powerful tool to extend default functionality. Like all powerful tools, however, hooks are dangerous if not used properly.
- Data Validation
Validating user input is the basis of application security. Data validation ensures that input is exactly the kind of data that an application expects. Invalid requests are generally rejected outright and an error is returned to users. You can choose where to perform data validation, but we focus on client- and server-side validation.
- Open Redirect Attacks
When a web application trusts user input as a redirect destination, an attacker can use that input to redirect users to a website that the attacker controls and steal their information.
- Authentication and Authorization
Exploitation of access control vulnerabilities is a core skill of attackers. To protect against attackers, enforce server-side access control checks for business functions such as account management, order management, and purchasing.
- Supply Chain Security
Unverified software sources included through uploads and external linking represent potential vectors for attack.
- Secure Logging
Salesforce B2C Commerce logs are stored securely and are accessible only to users in the site_admin or developer roles. Logs are accessible via the web interface or over WebDAV. Consider this when you decide what types of information to log.
- General Secure Coding Practices
Even with all the security controls that Salesforce B2C Commerce provides, poor coding practices can negate these controls and introduce weaknesses. Please refer to the OWASP Secure Coding Practices - Quick Reference Guide for general recommendations.