Scope and Visibility of @RemoteAction Methods

Apex @RemoteAction methods must be static and either global or public.
Globally-exposed remote actions shouldn’t perform sensitive operations or expose non-public data. global remote actions may only call other global methods. public remote actions may not be used in global components, or otherwise used in a global scope. Scope escalation will result in a compiler error or, for references that are resolved at runtime, a runtime failure. The following table describes these restrictions in more detail:
@RemoteAction Scope Visualforce Page Non-Global Component Global Component iframe
Global Remote Method Allowed Allowed Allowed Allowed
Public Remote Method Allowed Allowed Error Error
When remote actions are accessed via markup that is included indirectly, via components or the <apex:include> or <apex:composition> tags, the scope of the remote method is carried forward into the top level container, that is, the top level item in the inclusion hierarchy, which must abide by scope escalation rules:
Top Level Container
@RemoteAction Accessed From Visualforce Page Non-Global Component Global Component iframe
Global Component Allowed Allowed Allowed Allowed
Non-Global Component Allowed Allowed Allowed only if non-global component doesn't include public remote methods. Allowed only if non-global component doesn't include public remote methods.
<apex:include> <apex:composition> Allowed within the same namespace; error if namespaces are different, and the included page or its child hierarchy contains public remote methods. n/a n/a Error
Previous
Next