Lightning Aura Components Developer Guide

Introducing Aura Components
Quick Start
Creating Components
Using Components
Communicating with Events
Communicating Across the DOM with Lightning Message Service
Creating Apps
Styling Apps
Developing Secure Code
Lightning Locker
Lightning Web Security
Content Security Policy Overview
Using JavaScript
Working with Salesforce Data
Testing Components
Debugging
Performance
Reference
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Developing Secure Code

The Lightning Locker architectural layer enhances security by isolating individual Lightning namespaces in their own containers and enforcing coding best practices. Lightning Web Security is designed to make it easier for your components to use secure coding practices and aims to replace Lightning Locker over time. In Setup, you can switch between using Lightning Web Security or Lightning Locker.

The framework also uses JavaScript Strict mode to turn on native security features in the browser, and Content Security Policy (CSP) rules to control the source of content that can be loaded on a page.