ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5389/apex/rule.adoc
Fred Tingaud 16f6c0aecf
Inline adoc when include has no additional value (#1940) 
Inline adoc files when they are included exactly once.

Also fix language tags because this inlining gives us better information
on what language the code is written in.
2023-05-25 14:18:12 +02:00

179 lines
3.3 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

== Why is this an issue?
Using absolute URLs to Salesforce Pages is bug prone. Different sandboxes and production environments will have different instance names (like "na10", "na15" etc.). Code using absolute URLs will only work when it runs in the corresponding salesforce instances. It will break as soon as it is deployed in another one. Thus only relative URLs, i.e. without the domain and subdomain names, should be used when pointing to a salesforce page.
This rule raises an issue when a string matches the regular expression:
{noformat}
(?<!\w)(login|test|(dns|test|[a-z]{1,2})\d{plus}{plus})\.(salesforce|force|visual\.force|content\.force)\.com(?!\w)
{noformat}
=== Noncompliant code example
[source,apex]
----
public PageReference testRedirect() {
String strUrl ='https://na8.salesforce.com/TestVFPage?AcoountId=999'; // Noncompliant
PageReference newUrl = new PageReference(strUrl);
newURL.setRedirect(true);
return newURL;
}
----
=== Compliant solution
[source,apex]
----
public PageReference testRedirect() {
String strUrl = URL.getSalesforceBaseUrl().toExternalForm() + '/TestVFPage?AcoountId=999';
PageReference newUrl = new PageReference(strUrl);
newURL.setRedirect(true);
return newURL;
}
OR
public PageReference testRedirect() {
String strUrl = URL.getOrgDomainUrl().toExternalForm() + '/TestVFPage?AcoountId=999';
PageReference newUrl = new PageReference(strUrl);
newURL.setRedirect(true);
return newURL;
}
----
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
=== Message
Make this absolute URL relative.
=== Highlighting
The URL String
'''
== Comments And Links
(visible only on this page)
=== on 6 Aug 2019, 10:46:28 Alban Auzeill wrote:
\[~nicolas.harraudeau],
I disagree with the regular expression (http|https)://[^/]\.(salesforce|force)\.com.*
IMO it's too generic (and by the way wrong because [^/] match only one character), we should only report issues for server hostnames that belong to a group, for example:
{noformat}
dns03.salesforce.com
dns06.salesforce.com
ns2.salesforce.com
ns4.salesforce.com
https://cs1.salesforce.com
https://cs2.salesforce.com
https://c.cs3.visual.force.com
https://c.cs4.visual.force.com
https://na4.salesforce.com
https://ap7.salesforce.com
https://eu9.salesforce.com
https://cs12.salesforce.com
https://my-domain-dev-ed--c.na50.content.force.com/
test1.force.com
test3.force.com
https://login.salesforce.com (production)
https://test.salesforce.com (sandbox)
{noformat}
But not if the server hostname does not belong to a group, for example:
{noformat}
www.salesforce.com
admin.salesforce.com
blog.salesforce.com
community.salesforce.com
developers.salesforce.com
downloads.salesforce.com
info.salesforce.com
mail.salesforce.com
mobile.salesforce.com
support.salesforce.com
video.salesforce.com
mydomain.my.salesforce.com
m.force.com
error.force.com
payment.force.com
directory.force.com
database.force.com
redhat.force.com
cisco.force.com
dell.force.com
{noformat}
I prefer a more specific expression compliant with the above lists:
{noformat}
(?<!\w)(login|test|(dns|test|[a-z]{1,2})\d{plus}{plus})\.(salesforce|force|visual\.force|content\.force)\.com(?!\w)
{noformat}
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink