PDI Exam Dumps | A developer has a Apex controller for a Visualforce page that takes an ID as a URL parameter. How should

Home
Salesforce
Platform Developer I (PDI)
Salesforce.PDI.v2023-07-24.q102
Question 84

Valid PDI Dumps shared by EduDump.com for Helping Passing PDI Exam! EduDump.com now offer the newest PDI exam dumps, the EduDump.com PDI exam questions have been updated and answers have been corrected get the newest EduDump.com PDI dumps with Test Engine here:

Access PDI Dumps Premium Version
(205 Q&As Dumps, 35%OFF Special Discount Code: freecram)

<< Prev Question Next Question >>

Question 84/102

A developer has a Apex controller for a Visualforce page that takes an ID as a URL parameter. How should the developer prevent a cross site scripting vulnerability?

A. ApexPages.currentPage() .getParameters() .get('url_param')

B. String.escapeSingleQuotes(ApexPages.currentPage() .getParameters(). get('url_param'))

C. String.ValueOf(ApexPages.currentPage() .getParameters() .get('url_param'))

D. ApexPages.currentPage() .getParameters() .get('url_param') .escapeHtml4()

Correct Answer: D

Recent Comments (The most recent comments are at the top.)

Fa3il khayr - Feb 28, 2024

Correct answer should be A , here is why :

String.escapeSingleQuotes is used to prevent SQL injection attacks and not crss attacks
String.valueof does nothing but converting to a String type ( the method returns a string datatype tho )
String.escapeEcmaScript(), String.escapeHtml3(), and String.escapeHtml4(). These functions are based on Apache's StringEscapeUtils package which was not designed for security encoding and should not be used

Reference : https://developer.salesforce.com/docs/atlas.en-us.secure_coding_guide.meta/secure_coding_guide/secure_coding_cross_site_scripting.htm

Panos - Dec 14, 2023

A.?
"Do not use the built in Apex String Encoding functions: String.escapeEcmaScript(), String.escapeHtml3(), and String.escapeHtml4(). These functions are based on Apache's StringEscapeUtils package which was not designed for security encoding and should not be used."
https://developer.salesforce.com/docs/atlas.en-us.secure_coding_guide.meta/secure_coding_guide/secure_coding_cross_site_scripting.htm

Your email address will not be published. Required fields are marked *

Comment: *

Name: *

Email: *

Rating: *

Verification: *

Question List (102q): 1 commentQuestion 1: A developer is asked to create a Visualforce page for Opport...; Question 2: How can a developer determine, from the DescribeSObjectResul...; Question 3: How can a developer avoid exceeding governor limits when usi...; Question 4: What is a capability of formula fields? (Choose 3)...; Question 5: A developer creates a new Apex trigger with a helper class, ...; 4 commentQuestion 6: Given the code below: (Exhibit) What should a developer do t...; 1 commentQuestion 7: Application Events follow the traditional publish-subscribe ...; Question 8: When viewing a Quote, the sales representative wants to easi...; Question 9: Universal Containers hires a developer to build a custom sea...; Question 10: Which statement generates a list of Leads and Contacts that ...; Question 11: A developer needs to join data received from an integration ...; Question 12: A developer needs to test an Invoicing system integration. A...; Question 13: Which Apex class contains methods to return the amount of re...; Question 14: Which three steps allow a custom SVG to be included in a Lig...; 2 commentQuestion 15: Which approach should be used to provide test data for a tes...; 1 commentQuestion 16: Universal Containers decides to use purely declarative devel...; 2 commentQuestion 17: What is the result of the debug statements in testMethod3 wh...; 2 commentQuestion 18: Cloud Kicks Fitness, an ISV Salesforce partner, is developin...; 4 commentQuestion 19: Which two sosl searches will return records matching search ...; Question 20: In which two org types can a developer create new Apex Class...; Question 21: A developer needs to confirm that a Contact trigger works co...; 1 commentQuestion 22: A developer is creating a Visualforce page that allows users...; 1 commentQuestion 23: What is a benefit of the Lightning Component framework?Choos...; Question 24: A primaryid_c custom field exists on the candidate_c custom ...; 1 commentQuestion 25: A developer Is asked to create a Visualforce page that lists...; Question 26: A developer is creating an enhancement to an application tha...; Question 27: Which Lightning code segment should be written to declare de...; 4 commentQuestion 28: A developer has requirement to write Apex code to update a l...; Question 29: A developer is tasked with performing a complex validation u...; Question 30: A developer must provide a custom user interface when users ...; Question 31: A developer must modify the following code snippet to preven...; 2 commentQuestion 32: Which statement about the Lookup Relationship between a Cust...; Question 33: What can be used to override the Account's standard Edit but...; Question 34: Which two process automations can be used on their own to se...; Question 35: What are three ways for 2 developer to execute tests in an o...; 1 commentQuestion 36: A developer in a Salesforce org with 100 Accounts executes t...; Question 37: A developer has a single custom controller class that works ...; Question 38: What is a correct pattern to follow when programming in Apex...; 3 commentQuestion 39: Universal Containers stores Orders and Line Items in Salesfo...; 3 commentQuestion 40: Given the following Anonymous Block: (Exhibit) Which one do ...; Question 41: How should a custom user interface be provided when a user e...; Question 42: If apex code executes inside the execute() method of an Apex...; 2 commentQuestion 43: A developer created a visualforce page using a custom contro...; Question 44: What is an important consideration when developing in a mult...; Question 45: An Apex method, getAccounts, that returns a List of Accounts...; 3 commentQuestion 46: A developer needs to create a custom button for the Account ...; 5 commentQuestion 47: A business has a proprietary Order Management System (OMS) t...; Question 48: Considering the following code snippet: (Exhibit) When the c...; Question 49: Which three data types can a SOQL query return? Choose 3 ans...; 9 commentQuestion 50: A developer writes a trigger on the Account object on the be...; 3 commentQuestion 51: What will be the output in the debug log in the event of a Q...; 4 commentQuestion 52: Refer to the following code snippet for an environment that ...; Question 53: How should a custom user interface be provided when a user e...; Question 54: When using SalesforceDX, what does a developer need to enabl...; 2 commentQuestion 55: What is accurate statement about with sharing keyword? Choos...; Question 56: What is a good practice for a developer to follow when writi...; 4 commentQuestion 57: A developer can use the debug log to see which three types o...; 1 commentQuestion 58: A developer needs to implement a custom SOAP Web Service tha...; 2 commentQuestion 59: A developer is migrating a Visualforce page into a Lightning...; 3 commentQuestion 60: A developer writes a single trigger on the Account object on...; Question 61: What are three ways for a developer to execute tests in an o...; Question 62: Assuming that 'name; is a String obtained by an <apex:inp...; 2 commentQuestion 63: What is a benefit of using a trigger framework?...; 1 commentQuestion 64: A developer writes a trigger on the Account object on the be...; 1 commentQuestion 65: In Lightning component framework, which resource can be used...; Question 66: What are two considerations for custom Apex Exception classe...; Question 67: Which two statements are true about Apex code executed in An...; Question 68: What actions types should be configured to display a custom ...; Question 69: Cloud Kicks Fitness, an ISV Salesforce partner, is developin...; 1 commentQuestion 70: In the following example, which sharing context will myMetho...; Question 71: A developer created these three Rollup Summary fields in the...; Question 72: Universal Containers has a support process that allows users...; 3 commentQuestion 73: A developer has the following code:try {List nameList;Accoun...; Question 74: Which scenario is invalid for execution by unit tests?...; Question 75: Universal Containers wants Opportunities to be locked from e...; 1 commentQuestion 76: In order to override a standard action with a visualforce pa...; Question 77: A developer needs to avoid potential system problems that ca...; 3 commentQuestion 78: A developer migrated functionality from JavaScript Remoting ...; Question 79: Which type of controller should a developer use to include a...; Question 80: A developer must implement a CheckPaymentProcessor class tha...; Question 81: A newly hired developer discovers that there are multiple tr...; 1 commentQuestion 82: Universal Container is building a recruiting app with an App...; Question 83: A developer needs to know if all tests currently pass in a S...; 2 commentQuestion 84: A developer has a Apex controller for a Visualforce page tha...; Question 85: A sales manager wants to make sure that whenever an opportun...; Question 86: A Salesforce Administrator is creating a record-triggered fl...; 1 commentQuestion 87: When are code coverage calculations updated?...; 2 commentQuestion 88: Universal Containers has created a unique process for tracki...; Question 89: A developer uses a loop to check each Contact in a list. Whe...; Question 90: What is the minimum log level needed to see user-generated d...; 1 commentQuestion 91: A developer declared a class as follow. public class wysiwyg...; 2 commentQuestion 92: Which scenario is valid for execution by unit tests?...; 1 commentQuestion 93: Which three web technologies can be integrated into a Visual...; Question 94: Which three steps allow a custom SVG to be included in a Lig...; 2 commentQuestion 95: Refer to the following code that runs in an Execute Anonymou...; Question 96: A developer receives an error when trying to call a global s...; Question 97: A developer must create a CreditcardPayment class that provi...; Question 98: A developer observes that an Apex test method fails in the S...; 2 commentQuestion 99: Given: Map<ID, Account> accountMap = new Map>ID, Ac...; Question 100: Which option would a developer use to display the Accounts c...; 3 commentQuestion 101: A lead developer creates an Apex interface called "Laptop". ...; 1 commentQuestion 102: A developer wants to mark each Account in a List<Account&...

[×]

Download PDF File

Enter your email address to download Salesforce.PDI.v2023-07-24.q102.pdf

Email:

Disclaimer:
Freecram doesn't offer Real GIAC Exam Questions. Freecram doesn't offer Real SAP Exam Questions. Freecram doesn't offer Real (ISC)² Exam Questions. Freecram doesn't offer Real CompTIA Exam Questions. Freecram doesn't offer Real Microsoft Exam Questions.
Oracle and Java are registered trademarks of Oracle and/or its affiliates.
Freecram material do not contain actual actual Oracle Exam Questions or material.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation.
Freecram Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc.
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Freecram does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. Freecram does not own or claim any ownership on any of the brands.

Question 84/102

Recent Comments (The most recent comments are at the top.)

LEAVE A REPLY

Download PDF File