Develop Secure Code

The Lightning Locker architectural layer enhances security by isolating individual Lightning component namespaces in their own containers and enforcing coding best practices. Lightning Web Security (LWS) is designed to make it easier for your components to use secure coding practices and aims to replace Lightning Locker. Lightning Locker has been the default security architecture for Lightning components. LWS started to replace Lightning Locker for Lightning web components initially in Spring ’22.

The Lightning Component framework uses JavaScript Strict mode to turn on native security features in the browser. It uses Content Security Policy (CSP) rules to control the source of content that can be loaded on a page.

See Also

• Salesforce Developers Blog: What ISV Partners Need to Know About Lightning Web Security