Developing Secure Code

The LockerService architectural layer enhances security by isolating individual Lightning components in their own containers and enforcing coding best practices.

The framework uses Content Security Policy (CSP) to control the source of content that can be loaded on a page.