FAQ-000171 - CSRF and DML Security Issues / DML Operations on Component Load


Current FAQ

Question
Why are DML operations on component load considered a CSRF vulnerability?
Answer
DML operations on component load are considered a CSRF vulnerability in Salesforce because they bypass the platform's default CSRF protection. When these operations are triggered automatically during page initialization (e.g., in Visualforce pages, Lightning components, or Aura components), they execute without requiring user interaction. This makes them susceptible to unauthorized actions and could be exploited by malicious actors to execute unauthorized actions during an authenticated session. To mitigate this risk:
- Trigger state changes or DML operations through explicit user actions, like button clicks.
- Enable CSRF protection mechanisms, such as the `confirmationTokenRequired` attribute.

AI Recommended Enhancement

Related Security Rules
ApexCSRF
VfCsrf
Question
Why are DML operations on component load considered a CSRF vulnerability?
Recommended Answer Update
DML operations that run when a component loads are considered a CSRF vulnerability in Salesforce because they sit outside the platform's default CSRF protection. That protection is applied to requests that carry a deliberate user action, such as an `<apex:form>` post-back, which the platform rejects when its hidden anti-CSRF token is missing or invalid. Code that runs during page or component initialization (e.g., the `action` attribute of `<apex:page>`, a controller constructor, or a Lightning or Aura component's initialization handler) executes as soon as the page or component is requested, so no such check applies. An attacker who can get an authenticated user to open a crafted URL (for example, one whose `id` parameter points at a record of the attacker's choosing) therefore causes the DML to run in the victim's session, with no action on the victim's part beyond following the link. To mitigate this risk:
- Trigger state changes or DML operations through explicit user actions, like button clicks, so that the request passes through the platform's CSRF check.
- Enable CSRF protection mechanisms, such as the `confirmationTokenRequired` attribute.
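To make the pattern the two rules flag concrete, the following Apex is an added example written for this FAQ; it is not code from the FAQ, from Salesforce, or from the rule definitions. The class names, the use of the standard Account object, the `id` URL parameter and the redirect target are assumptions for illustration. The first class puts the delete in the constructor (what `ApexCSRF` reports); the second moves it into an action method that is reachable only through a form post-back.

```apex
// Added example, not code from the FAQ or from Salesforce. Class names, the
// Account object and the 'id' parameter are assumptions for illustration.
// Apex allows one top-level class per .cls file; the two classes are shown
// together here only for side-by-side comparison.

// VULNERABLE (flagged by ApexCSRF): the delete runs in the constructor, i.e.
// as soon as the page is requested. Anyone who gets an authenticated user to
// open /apex/UnsafeCloseAccount?id=<attacker-chosen record Id> triggers the
// DML in that user's session. No form is submitted, so the platform's
// anti-CSRF token is never checked.
public with sharing class UnsafeCloseAccountController {
    public UnsafeCloseAccountController() {
        String accountId = ApexPages.currentPage().getParameters().get('id');
        List<Account> accts = [SELECT Id FROM Account WHERE Id = :accountId LIMIT 1];
        if (!accts.isEmpty()) {
            delete accts;   // state change during page load: CSRF-vulnerable
        }
    }
}

// HARDENED: the constructor only reads. The delete lives in an action method
// bound to a button inside <apex:form>, so it runs only on an explicit click
// and only on a post-back that carries the platform's anti-CSRF token, which
// a forged cross-site request cannot supply.
public with sharing class CloseAccountController {
    public Account acct { get; private set; }

    public CloseAccountController() {
        String accountId = ApexPages.currentPage().getParameters().get('id');
        // Validate the parameter shape before binding it into SOQL so a
        // malformed value cannot raise an unhandled QueryException on load.
        if (accountId != null && accountId instanceof Id) {
            List<Account> accts = [SELECT Id, Name FROM Account
                                   WHERE Id = :accountId LIMIT 1];
            acct = accts.isEmpty() ? null : accts[0];
        }
        // Read-only initialization: nothing is modified on page load.
    }

    // Wired to <apex:commandButton action="{!closeAccount}"/> inside <apex:form>.
    public PageReference closeAccount() {
        if (acct == null) {
            ApexPages.addMessage(new ApexPages.Message(
                ApexPages.Severity.ERROR, 'No account selected.'));
            return null;
        }
        // Object-level permission check; 'with sharing' enforces record
        // sharing but not CRUD, so check it explicitly before the DML.
        if (!Schema.sObjectType.Account.isDeletable()) {
            ApexPages.addMessage(new ApexPages.Message(
                ApexPages.Severity.ERROR, 'Insufficient privileges to delete accounts.'));
            return null;
        }
        try {
            delete acct;
        } catch (DmlException e) {
            ApexPages.addMessages(e);
            return null;
        }
        // Redirect after the state change so a browser refresh cannot resubmit it.
        PageReference home = new PageReference('/home/home.jsp');
        home.setRedirect(true);
        return home;
    }
}
```

The vulnerable class would be bound to a page declared as `<apex:page controller="UnsafeCloseAccountController">`; the equivalent Visualforce-side mistake is `<apex:page controller="..." action="{!closeAccount}">`, which runs the action on every GET and is what `VfCsrf` reports. The hardened class belongs with `<apex:page controller="CloseAccountController"><apex:form><apex:commandButton action="{!closeAccount}" value="Close account"/></apex:form></apex:page>`, where the form post-back carries the anti-CSRF token and the platform rejects the request if the token is absent or stale.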
Reasoning
The FAQ contains redundant wording where it says DML operations 'could be exploited by malicious actors to execute unauthorized actions during an authenticated session'; this repeats the concept of 'unauthorized actions' twice in one sentence. I simplified this to flow better while preserving all the technical information and security guidance.

For security rules:
- ApexCSRF: This rule directly relates to the FAQ's core topic. The FAQ explains why DML operations on component load are CSRF vulnerabilities, and this rule specifically detects CSRF vulnerabilities in Apex code. The FAQ content about 'bypassing platform's default CSRF protection' and the mitigation advice about 'explicit user actions' and 'confirmationTokenRequired' directly aligns with what this rule would flag.
- VfCsrf: This rule is relevant because the FAQ specifically mentions 'Visualforce pages' as one of the contexts where this CSRF vulnerability occurs. The rule detects CSRF issues in Visualforce, and the FAQ's discussion of Visualforce page initialization executing DML without user interaction is exactly what this rule addresses.