FAQ-000229 - CSRF and DML Security Issues / Security Review and Documentation


Current FAQ

Question
When is it acceptable to perform a DML operation on page load, and how should I document this for security review?
Answer
Performing a DML operation on page load in Salesforce is generally not recommended due to security and performance concerns. However, if it's necessary for a specific use case, you must thoroughly justify and document it for the security review. Here's how:

1. **Business Use Case**: Provide a detailed explanation of why the DML operation on page load is required.
2. **Mitigation Measures**: Describe measures to prevent abuse, such as requiring user interaction (e.g., a button click) before executing the DML operation.
3. **Permission Checks**: Confirm that the operation adheres to CRUD/FLS checks and respects user permissions.
4. **False Positive Documentation**: If applicable, include a false positive document explaining why the operation does not pose a security risk.
5. **CSRF Protection**: Enable features like "Requires CSRF protection on GET requests" to mitigate vulnerabilities.

By documenting these details, you can address potential concerns during the security review.
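The mitigation and permission-check items above, shown as an added example that is not part of the original FAQ: a Visualforce controller whose write moves from the page `action` attribute to a button click and is gated by CRUD/FLS checks. The class name, page markup, button label and the choice of the `Description` field are hypothetical.

```apex
// Added example, not the FAQ's own code. Class, page and button names are hypothetical.
//
// BEFORE (the pattern under review): DML runs as soon as the URL is requested.
//   <apex:page controller="AccountReviewController" action="{!markReviewed}">
//
// AFTER: the page renders without side effects; the write needs a button click.
// The click submits the <apex:form> as a POST carrying the platform's anti-CSRF token.
//   <apex:page controller="AccountReviewController">
//     <apex:pageMessages/>
//     <apex:form>
//       <apex:commandButton value="Mark as reviewed" action="{!markReviewed}"/>
//     </apex:form>
//   </apex:page>
public with sharing class AccountReviewController {
    private Id accountId;

    public AccountReviewController() {
        // Read-only setup: parse the id parameter, perform no DML.
        try {
            accountId = Id.valueOf(ApexPages.currentPage().getParameters().get('id'));
        } catch (Exception e) {
            accountId = null; // missing or malformed id
        }
    }

    public PageReference markReviewed() {
        // CRUD and FLS checks before any DML.
        if (!Schema.sObjectType.Account.isUpdateable()
                || !Schema.sObjectType.Account.fields.Description.isUpdateable()) {
            return fail('You do not have permission to update this account.');
        }
        // with sharing + bind variable: only rows the user can see are returned.
        List<Account> rows = [SELECT Id FROM Account WHERE Id = :accountId LIMIT 1];
        if (rows.isEmpty()) {
            return fail('Account not found.');
        }
        rows[0].Description = 'Reviewed';
        update rows[0];
        return null; // stay on the page
    }

    private PageReference fail(String msg) {
        ApexPages.addMessage(new ApexPages.Message(ApexPages.Severity.ERROR, msg));
        return null;
    }
}
```

If the page-load write cannot be removed, the "before" form is the case the business justification and the "Requires CSRF protection on GET requests" setting in the list above are meant to cover.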
AI Recommended Enhancement

Related Security Rules
ApexCSRF, ApexCRUDViolation, VfCsrf
Question
When is it acceptable to perform a DML operation on page load, and how should I document this for security review?
Recommended Answer Update
Performing a DML operation on page load in Salesforce is generally not recommended due to security and performance concerns. However, if it's necessary for a specific use case, you must thoroughly justify and document it for the security review. Here's how:

1. **Business Use Case**: Provide a detailed explanation of why the DML operation on page load is required.
2. **Mitigation Measures**: Describe measures to prevent abuse, such as requiring user interaction (e.g., a button click) before executing the DML operation.
3. **Permission Checks**: Confirm that the operation adheres to CRUD/FLS checks and respects user permissions.
4. **False Positive Documentation**: If applicable, include a false positive document explaining why the operation does not pose a security risk.
5. **CSRF Protection**: Enable features like "Requires CSRF protection on GET requests" to mitigate vulnerabilities.

By documenting these details, you can address potential concerns during the security review.
Reasoning
The FAQ content is accurate and well-structured, so no substantive changes are needed. The existing answer properly covers the key security concerns around DML on page load including CSRF protection, permission checks, and documentation requirements.

Regarding security rules selected:

1. **ApexCSRF** - This rule directly relates to the FAQ's discussion of CSRF protection. The FAQ specifically mentions "Enable features like 'Requires CSRF protection on GET requests'" which is exactly what this rule detects: CSRF vulnerabilities in Apex controllers.
2. **ApexCRUDViolation** - This rule is highly relevant to the FAQ's point about "Permission Checks: Confirm that the operation adheres to CRUD/FLS checks and respects user permissions." The rule detects when Apex code performs DML operations without proper CRUD/FLS validation.
3. **VfCsrf** - This rule complements ApexCSRF by detecting CSRF issues in Visualforce pages, which is relevant since the FAQ discusses page load scenarios that could involve Visualforce pages with DML operations.