The Lightning Locker Service enforces security in single-page applications built using Lightning Components. Locker uses a browser content security policy (CSP) to protect a web page against cross-site scripting (XSS), clickjacking, and other code injection attacks that result from the execution of malicious content in a trusted web page context.
Locker Services serve the following purposes:
- Protection against web security vulnerabilities.
- Adding namespaces to your components, preventing component code from accessing data from other components.
- A component code only has access to the DOM that was created by your component.
The preceding factors allow for the coexistence of components from multiple vendors on ...