Other Security Changes
Select a default owner for records created by Salesforce Site guest users. And in Summer ’21, the Require secure connections (HTTPS) for all third-party domains setting gets enabled then removed because it can no longer be disabled.
- Require Secure HTTPS Connections for All Third-Party Domains
As a security best practice, HTTPS connections are required to connect to third-party domains beginning in Summer ’21. With enforced secure connections, HTTP-only connections are no longer permitted. The Require secure connections (HTTPS) for all third-party domains setting on the Session Settings Setup page is enabled and then removed because it can’t be disabled. The Require secure connections (HTTPS) setting also is removed because it was previously enabled and can’t be disabled. - Assign Records Created by Site Guest Users to a Default User
To increase the security of your Salesforce data, unauthenticated guest users no longer automatically own the records they create. Instead, when a guest user creates a record, the record ownership is reassigned to a default active user that you can select.