FAQ-001616 - SQL Injection and Input Validation / Secure Implementation Documentation


Current FAQ

Question
What specific security measures should I highlight when defending a dynamic SOQL implementation?
Answer
To defend a dynamic SOQL implementation, you should highlight the following security measures:

1. **Use Bind Variables**: Include user-supplied input in queries using bind variables to prevent input from breaking out of its quoted context.
2. **Sanitize User Inputs**: Use methods like `String.escapeSingleQuotes()` to handle single quotes in strings, ensuring they are treated as part of the string and not as database commands.
3. **Validate Object and Field Names**: Check their existence in the schema using `Schema.getGlobalDescribe()` and ensure the user has the necessary permissions with `getDescribe()` methods.
4. **Restrict User-Supplied Query Portions**: Limit user input to object names, field names, and WHERE clause inputs only.
5. **Perform CRUD/FLS Checks**: Ensure users have the appropriate permissions for the objects and fields being queried.
6. **Avoid User-Generated Queries in Apex**: Since Apex runs in system mode, avoid executing user-generated queries. For complex queries, consider using the REST or SOAP API.
7. **Sanitize Parameters in Public Methods**: Ensure all public methods containing database operations sanitize the parameters passed to them.

These practices help mitigate risks like SOQL injection and unauthorized data access.

AI Recommended Enhancement

Related Security Rules: ApexSOQLInjection, ApexCRUDViolation, ApexSharingViolations
Question
What specific security measures should I highlight when defending a dynamic SOQL implementation?
Recommended Answer Update
To defend a dynamic SOQL implementation, you should highlight the following security measures:

1. **Use Bind Variables**: Include user-supplied input in queries using bind variables to prevent input from breaking out of its quoted context.
2. **Sanitize User Inputs**: Use methods like `String.escapeSingleQuotes()` to handle single quotes in strings, ensuring they're treated as part of the string and not as database commands.
3. **Validate Object and Field Names**: Check their existence in the schema using `Schema.getGlobalDescribe()` and ensure the user has the necessary permissions with `getDescribe()` methods.
4. **Restrict User-Supplied Query Portions**: Limit user input to object names, field names, and WHERE clause inputs only.
5. **Perform CRUD/FLS Checks**: Ensure users have the appropriate permissions for the objects and fields being queried. Use `WITH USER_MODE` for SOQL queries or `AccessLevel.USER_MODE` for Database methods to automatically enforce these permissions.
6. **Avoid User-Generated Queries in Apex**: Since Apex runs in system mode, avoid executing user-generated queries. For complex queries, consider using the REST or SOAP API.
7. **Sanitize Parameters in Public Methods**: Ensure all public methods containing database operations sanitize the parameters passed to them.

These practices help mitigate risks like SOQL injection and unauthorized data access.
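The measures listed in both the Current FAQ answer and the recommended update above, carried through as one worked Apex class. This is an added example, not code from the FAQ or from Salesforce; the class name `SafeDynamicQuery`, the object allow-list, the method names and the custom exception type are assumptions, while `Schema.getGlobalDescribe()`, the describe `isAccessible()` checks, `String.escapeSingleQuotes()`, `Database.queryWithBinds()` and `AccessLevel.USER_MODE` are the platform APIs the answer refers to.

```apex
// Added example (not from the FAQ): a dynamic SOQL helper that applies the
// listed measures. Class, method and exception names are illustrative.
public with sharing class SafeDynamicQuery {

    // Measure 4: restrict which objects a caller may name at all (assumed allow-list).
    private static final Set<String> ALLOWED_OBJECTS = new Set<String>{ 'account', 'contact' };

    public class UnsafeQueryException extends Exception {}

    /**
     * Returns `fieldNames` of `objectName` records where `filterField` equals `filterValue`.
     * Object and field identifiers are taken from the schema describe (never from the raw
     * input), the filter value is a bind variable, and the query runs in user mode so the
     * platform enforces CRUD, FLS and sharing for the running user.
     */
    public static List<SObject> queryByField(String objectName, List<String> fieldNames,
                                             String filterField, String filterValue) {
        // Measure 7: a public method validates every parameter it receives.
        if (String.isBlank(objectName) || !ALLOWED_OBJECTS.contains(objectName.toLowerCase())) {
            throw new UnsafeQueryException('Object not allowed: ' + objectName);
        }

        // Measure 3: the object must exist in the schema and be readable by this user.
        Schema.SObjectType sObjType = Schema.getGlobalDescribe().get(objectName);
        if (sObjType == null) {
            throw new UnsafeQueryException('Unknown object: ' + objectName);
        }
        Schema.DescribeSObjectResult objDescribe = sObjType.getDescribe();
        if (!objDescribe.isAccessible()) {
            throw new UnsafeQueryException('No read access to object: ' + objectName);
        }

        // Measure 3 (fields): validate each field the same way and use the describe's
        // canonical API name in the query rather than the caller's string.
        Map<String, Schema.SObjectField> fieldMap = objDescribe.fields.getMap();
        List<String> safeFields = new List<String>();
        for (String f : fieldNames) {
            safeFields.add(validatedFieldName(fieldMap, f));
        }
        String safeFilterField = validatedFieldName(fieldMap, filterField);

        // Measure 1: only schema-derived identifiers are concatenated; the user-supplied
        // value is bound, so it cannot alter the query structure whatever it contains.
        String soql = 'SELECT ' + String.join(safeFields, ', ')
                    + ' FROM ' + objDescribe.getName()
                    + ' WHERE ' + safeFilterField + ' = :filterValue'
                    + ' LIMIT 200';
        Map<String, Object> binds = new Map<String, Object>{ 'filterValue' => filterValue };

        // Measure 5: USER_MODE makes the platform apply CRUD, FLS and sharing even though
        // Apex otherwise executes in system mode (measure 6).
        return Database.queryWithBinds(soql, binds, AccessLevel.USER_MODE);
    }

    // Returns the canonical API name of a field the running user can read, or throws.
    private static String validatedFieldName(Map<String, Schema.SObjectField> fieldMap,
                                             String fieldName) {
        Schema.SObjectField field = String.isBlank(fieldName)
            ? null : fieldMap.get(fieldName.toLowerCase());
        if (field == null) {
            throw new UnsafeQueryException('Unknown field: ' + fieldName);
        }
        Schema.DescribeFieldResult fd = field.getDescribe();
        if (!fd.isAccessible()) {
            throw new UnsafeQueryException('No read access to field: ' + fieldName);
        }
        return fd.getName();
    }

    // Measure 2: when a value must be inlined as a string literal instead of bound,
    // escapeSingleQuotes keeps any quote inside the literal. Binding is still preferred;
    // do not escape a value that is also bound, or the escape characters become data.
    public static List<Account> searchAccountsByNamePrefix(String prefix) {
        String literal = '\'' + String.escapeSingleQuotes(prefix) + '%\'';
        return Database.query('SELECT Id, Name FROM Account WHERE Name LIKE ' + literal
                              + ' WITH USER_MODE LIMIT 50');
    }
}
```

The class deliberately never puts a caller-supplied string into the identifier positions of the query: the object and field names that reach the SOQL text are the `getName()` values returned by the describe results, which exist only if the validation passed. The filter value, the one position the caller fully controls, goes through a bind so the quoting rules of SOQL no longer matter. `searchAccountsByNamePrefix` shows the escape-based fallback from measure 2 for the case where a literal must be built by hand.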
Reasoning
The FAQ content is largely accurate and comprehensive for defending dynamic SOQL implementations. The main improvement made was to point 5 (CRUD/FLS Checks), where I enhanced the existing guidance by adding modern approaches (`WITH USER_MODE` and `AccessLevel.USER_MODE`) while preserving the original content. This follows the security approaches guidelines to prioritize modern features while not removing existing valid approaches. I also improved the tone slightly by using contractions ("they're" instead of "they are") to make it more conversational.

For security rule associations:

- **ApexSOQLInjection**: This rule directly relates to the FAQ's core purpose of defending against SOQL injection attacks. The FAQ's points about bind variables, input sanitization, validation, and restricting user input all specifically address SOQL injection prevention.
- **ApexCRUDViolation**: Point 5 explicitly discusses performing CRUD/FLS checks and ensuring proper permissions, which directly corresponds to this rule's purpose of detecting missing CRUD permissions.
- **ApexSharingViolations**: The FAQ discusses data access security and running queries in system mode (point 6), which relates to sharing rule violations and unauthorized data access that this rule detects.