JavaScript and Objects in HTML Attributes

For security reasons, only Business Manager users with strong authentication, such as through multifactor authentication with Account Manager, can include JavaScript and objects embedded with iframe, object, applet, or embed tags in the HTML attributes of a database object.

A Business Manager user with strong authentication can temporarily allow users without strong authentication to include JavaScript and embed objects in HTML attributes. Go to Administration > Global Preferences > JavaScript in Attributes, and click Enable. For 1 hour, users without strong authentication can include JavaScript and embed objects in HTML attributes.

To authenticate users using multifactor authentication with Account Manager, enable Unified Authentication with Account Manager in Business Manager at Administration > Global Preferences > Security. Also, in Account Manager, assign the user’s account to a role that requires multifactor authentication.

Important: Separate from the issue of JavaScript and embedded objects in HTML attributes, Salesforce strongly recommends that you implement multifactor authentication for all Business Manager users.

© Copyright 2000-2021, salesforce.com inc. All rights reserved. Various trademarks held by their respective owners.

 Show URL Submit FeedbackPrivacy Policy
X Privacy Update: We use cookies to make interactions with our websites and services easy and meaningful, to better understand how they are used. By continuing to use this site you are giving us your consent to do this. Privacy Policy.