FAQ-001605 - SQL Injection and Input Validation / Input Sanitization and Escaping

Here are the best practices for escaping different types of user input in dynamic SOQL queries: 1. **Use Bind Variables**: Safely include user input in queries by using bind variables, which prevent inputs from breaking out of their quoted context and ensure proper handling of user-supplied input. 2. **Sanitize Strings**: Use methods like `String.escapeSingleQuotes()` to sanitize user input for simple string comparisons. This ensures single quotes are treated as part of the string and not as database commands. 3. **Validate Object and Field Names**: Check user-supplied object or field names against a whitelist of acceptable values. Use `Schema.getGlobalDescribe()` to verify the existence of objects or fields and ensure the user has the necessary permissions. 4. **Limit User Input Scope**: Avoid allowing users to supply portions of SOQL queries beyond object names, field names, and WHERE clause inputs. 5. **Perform CRUD/FLS Checks**: Use `WITH USER_MODE` for SOQL queries or `AccessLevel.USER_MODE` for Database methods to automatically enforce Create, Read, Update, Delete (CRUD) and Field-Level Security (FLS) permissions. These modern approaches require less code while ensuring users have appropriate permissions for the objects and fields being queried. 6. **Numeric Values**: Validate numeric inputs for their expected range and type before including them in queries. 7. **Whitelisting**: For enums or predefined values, compare the input against a whitelist of acceptable values to ensure validity. 8. **Other Data Types**: For non-string data types like integers or enums, validate the input against expected ranges or values before including it in the query. These practices help secure your dynamic SOQL queries and mitigate the risk of SOQL injection vulnerabilities.

The main change needed was updating point 5 to prioritize modern security features over legacy approaches, following the security approaches guidelines. The original content mentioned 'performing proper Create, Read, Update, Delete (CRUD) and Field-Level Security (FLS) checks' but didn't specify the modern approaches. I updated this to lead with `WITH USER_MODE` for SOQL queries and `AccessLevel.USER_MODE` for Database methods as the recommended modern approaches, while maintaining that these ensure proper permission checks. This change aligns with the guideline to 'prioritize modern features over legacy approaches' while preserving all existing information. Regarding security rules: - ApexSOQLInjection: This rule directly relates to the FAQ's core topic of preventing SOQL injection through proper input escaping and validation. The FAQ's discussion of bind variables, string sanitization with `String.escapeSingleQuotes()`, input validation, and whitelisting all directly address SOQL injection prevention techniques that this rule would detect violations of. - ApexCRUDViolation: This rule relates to point 5 of the FAQ answer which discusses performing CRUD/FLS checks to ensure users have appropriate permissions. The FAQ's recommendation to enforce permission checks aligns with what this rule validates - proper CRUD permissions enforcement in Apex code.