Disabled Lightning Locker | Clayton Advisor

Disabled Lightning Locker

Overview

Lightning Locker is the built-in security architecture for Lightning components. It enhances security by promoting several best practices, including eliminating access to specific APIs and framework internals. Lightning Locker can be disabled for an Aura component by setting the Salesforce API version to 39.0 or lower for the component. If an element is set to at least API version 40.0, Lightning Locker is enabled.

Business Impact

Increased risk of data breaches, financial loss, and reputational harm. Eroding customer trust and confidence.

Is your Salesforce solution affected by Disabled Lightning Locker?

Clayton detects anti-patterns and offers automated fix advice to kickstart your Well-Architected journey.

Scan your solution

Resources

Incidence

How common is this issue?

5%

lower

Exposure

How long do organizations remain exposed before fixing the problem?

58%

shorter

Frameworks

Trusted

Secure

Session Security

Session Management

A05:2021 – Security Misconfiguration

Found a mistake?

If you think something is incorrect, missing or misleading please let us know.

Report an error