Announcement: Security changes release 21 & 22

In 2019 we have been busy upgrading the architecture of the Connexys application to meet the latest Salesforce security standards.

With release 21/22 we will be making some crucial changes to the application that will improve your security. We request you to take note of the following 2 items:

HTML Before and After

With release 21 in December 2019, we will be locking down the HTML before and after sections of the proposal portal, candidate application form and jobs subscription pages. In the future it will not be possible for you to directly add customizations like custom JavaScript, campaign URLs or Google Analytics to the before and after HTML sections.  

Under the extraordinary conditions that you may have to make a change, we provide a process to handle this change. Do note that custom code that you already have in the before and after HTML sections on or before release 21 will continue to exist and no action is needed on this.

CRUD/FLS

With release 22 we will be implementing post filter processing after records have been returned from a query. What this means is that after a query returns its results, we do another check according to CRUD and FLS to see if the user is allowed to view the queried records. On all Connexys pages, users will be able to view object records and fields only if they have read permissions to the objects and fields. 

A follow-up webinar will be arranged in October to explain each of these changes and to answer any questions you may have. Further communication about this will follow shortly.