SFDC Stop - Always the latest about Salesforce


Full Tutorial Series with videos, free apps, live sessions, salesforce consulting and much more.


Telegram logo   Join our Telegram Channel

Friday, 21 September 2018

Decoding Locker Service - Dreamforce 2018

A big thanks to Salesforce Ohana who attended my session on "Decoding Locker Service" at Dreamforce 2018. I am sharing all the resources for my session below. As my session is recorded, so I am not going to add a full description of code this time. You'll be able to understand the presentation and the code too if you have a look at the below resources:-

Video of Live Session at Dreamforce 2018


Presentation used in the video at Dreamforce 2018


The whole code used in my session can be downloaded from my GitHub Repository here:- https://github.com/rahulmalhotra/DF18LockerService

A summary of the session and points to remember
  1. Locker Service is a powerful security architecture for Lightning Components.
  2. It prevents cross site scripting and other security issues.
  3. It enables ES6 mode which enforce best practices of JavaScript. For Ex:- Using a var keyword while declaring a variable.
  4. If there are two lightning components, then they can have access to each other's rendered data only if they are in the same namespace. For Ex:-

    lightning:button
    and lightning:input are both in the lightning namespace. Whereas if we consider lightning:button and <c:MyCustomComponent /> then one is in lightning namespace and other is in org's default c namespace. So, they cannot have access to each other's rendered data.
  5. We always get secure wrappers each time we try to access a global js object in lightning.For Ex:- window, element, event are all secure wrappers and not actual DOM global objects.
  6. These secure wrappers implement security by limiting the functions or operations available and hiding the outdated or private ones.
  7. The example of the above point can be seen when you try to click a lightning:button using js click() method. This is not allowed in locker service.

    You obviously don't want your calendar app installed from appexchange which have a different namespace click the save button in lightning namespace and play around your org...do you ??
  8. Salesforce classic and vf are not affected by locker service. So, it's another major reason to migrate to lightning.
  9. If a lightning component is used in visualforce, it is affected by locker service.
  10. You can disable locker service by setting the component's API version to 39.0 or lower. It is automatically disabled in unsupported browsers like IE11.
  11. Make sure to don't mix the component with and without using locker service as one will deal with secure wrappers and other with actual DOM global objects that can create problems while interacting.
I hope by having a look at the session and resources, your concept will be more clear than before about Locker Service in Salesforce Lightning. However, if there is still any requirement, let me know in comments below and I can repeat this session online or at a meetup of your local user group.

Sharing a picture of my session at Dreamforce 2018 below, hope to see you in the next one too.
Decoding Locker Service Session at Dreamforce 2018 by Rahul Malhotra (@rahulcoder)
Happy Trailblazing..!!

No comments:

Post a comment