Other Security Changes: New Session Setting

We made changes that impact security, including securing connections for all third-party domains.

Secure HTTPS Connections for Third-Party Domains

To improve security, we added a session setting that ensures secure connections to all third-party domains. External assets, such as images and JavaScript files, automatically load over HTTPS to prevent interception by a malicious party. This feature is enabled by default on all accounts created after the Summer ’17 release.

To enable this security feature for existing accounts, from Setup, enter Session Settings in the Quick Find box. Then select Require secure connections (HTTPS) for all third-party domains.