Invoking Apex code from the standard Entity Details pages with CSRF protection - Ideas - Salesforce Trailblazer Community
Trailblazer Community

All Ideas

Idea Details

Post an Idea
330  Points
Idea has been posted. Give it an upvote or downvote.

Invoking Apex code from the standard Entity Details pages with CSRF protection

Opportunities & Quotes

There is currently no way to invoke Apex code directly from the standard Opportunity Details page that is CSRF protected when using a custom button. Instead the user needs to be redirected to a separate Visualforce page to press another button in a form or the entire Opportunity Details page gets replaced with a Visualforce page override and the button added to a form there.


One possible solution would be to have an option on custom buttons that will render them in HTML within a form and then utilize the inbuilt post back protection.

Merge Idea · Flag

  • Upvotes
  • Downvotes



from AppExchange


No results found.

Help us to keep IdeaExchange clean by pointing out overlapping ideas. We'll investigate your suggestion and merge the ideas if it makes sense.



Thanks for your merge suggestion. We will review it shortly and merge the ideas if applicable.

Salesforce takes abuse situations very seriously. Examples of abuse include but are not limited to posting of offensive language or fraudulent statements. To help us process your request as quickly as possible, please fill out the form below describing the situation. For privacy and security reasons, the final outcome of an abuse case may not be revealed to the person who reported it.


Thank you for your feedback. We take abuse seriously and will investigate this issue and take appropriate action.