ssjs.guide SFMC

Best Practices

SSJS best practices for debugging, performance, security, coding style, defensive programming, and error logging.

Writing robust SSJS requires understanding both the capabilities and the sharp edges of the SFMC platform. This section consolidates practical guidance from community experts and real-world SFMC implementations.

In This Section

Page Description
Debugging Techniques for debugging SSJS in all execution contexts
Performance Minimize page load times and avoid timeouts
Security Protect against injection, CSRF, and data exposure
Style Guide Consistent, readable SSJS code conventions
Defensive Coding Guard against null values, empty strings, and unexpected inputs
Error Logging Capture and persist errors for debugging and monitoring

Top 10 SSJS Rules

  1. Always Platform.Load("core", "1.1.5") first — before any Core library usage
  2. Read GetPostData() once — store in a variable immediately, it returns "" on second call
  3. Use + "" before ParseJSON()ParseJSON(str + "") not ParseJSON(str) to avoid 500 errors
  4. Never trust user input — validate and sanitize all query params, POST fields, and cookies
  5. Use var everywherelet, const, arrow functions, and template literals all throw runtime errors
  6. Add filter to de.Rows.Retrieve() on CloudPages — it returns empty without a filter
  7. Handle the switch default bug — test your switch statements, use if/else as fallback
  8. Log errors to a DE — don’t rely on SFMC’s native error pages for debugging
  9. Set content type explicitly — always call Platform.Response.SetContentType("application/json") for API responses
  10. Use WSProxy over CreateObject/Invoke — WSProxy is simpler and more maintainable