Shopping Cart

No products in the cart.

Quality Clouds Community
Quality Clouds Community

Cross-Domain Session Information Is Exchanged Using A GET Request Instead Of A POST Request

< 1 min read

Impact Area

Security

Severity

Medium

Affected Element

Org Config

Rule ID #

SF-0164

Impact #

Session data is exposed when making cross-domain requests with GET requests. This is not the case with POST requests.

Remediation #

Configure your Org to use POST requests when making cross-domain calls as described in this Salesforce documentation page.

Time to fix #

30 min

References #

This rule is linked to Common Weakness Enumeration CWE-1021 Improper Restriction of Rendered UI Layers or Frames.

Updated on March 21, 2025
Table of contents
Was it helpful ?

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups

Please allow a few minutes for this process to complete.

Report

You have already reported this .