Salesforce Spring ’21 Highlights / KeyPoints / Non-Lightning

Protect Users from Insecure Downloads in Chrome

Broken Images, error results, error in attachments that are being hosted on a non-secure HTTP page.

We need to make sure that all the connections to and from Salesforce are HTTPS.

Build Customer Trust with the Error Handler System Dialog (Chat Bot)

This feature will be helpful in handling the errors that are occurred after initiated ChatBot. A more detailed description of errors for handling as required.

Refer the security URL in static resources

To maintain security, maintain the URLs in the Static Resources and refer in code.

View All, Modify All, Edit, and Delete Object Permissions Removed for Guest Users

 Need to check if the Guest User profile has the Permissions to Create, Read, Update Permissions on the related Objects

Obsolete Permissions from Guest User Profiles Were Removed

Permissions which are not tied to any App are removed from the Guest user Profile.

Guest Users can only have Create and Read only object permissions

Mixed Content Downloads Blocked in Google Chrome

An example of a mixed content download is placing a link to an HTTP site on a Salesforce HTTPS page. This is related to Insecure downloads in Chrome.

Convert the Read Only Standard Profile to a Custom Profile (Update in Summer ‘21)

 This update converts the Read Only standard profile to a custom profile. After the update is enforced, you can edit permissions in this profile as your business needs require.

The Read Only Profile Is No Longer Available in New Salesforce Orgs

Salesforce orgs created in Spring ’21 and later don’t have the Read Only standard profile.

Enable HTTPS on Your Domains

Needs to redirect the public site HTTP URLs to HTTPS

Make sure to check all the sites and Sessions settings – The checkbox Require secure connections (HTTPS) for all third-party domains should be checked.

Chandra V – 01/11/2021