Loading

Clickjack Protection for Salesforce Visualforce Pages Is Enabled and Field Service Pages Become Blank or Gives Error

Publiseringsdato: Mar 31, 2026
Beskrivelse

If an admin enables clickjack protection for customer Salesforce Visualforce pages with standard headers disabled, the Field Service Visualforce pages will display a blank page or an error will display referencing content failing to load due to a CSP blockage. This error occurs with the map view of the Gantt as well as when trying to view the Health Check page.  Issues are also reported when viewing the calendar and skills on a Service Resource record. 

Please note clickjack settings can be enabled manually from the Setup pages or auto-enabled on the results screen of the Salesforce health check utility under Security. 

Løsning

The following are instructions to return the Field Service Visualforce pages to normal disable clickjack protection for customer Visualforce pages with headers disabled. 

In Classic:
1. Select Setup in the upper right.
2. Search for Session Settings in the Setup menu on the left.
3. Once session settings is selected, navigate to Enable clickjack protection for customer Visualforce pages with headers disabled and deselect the check box.
4. Select Save

Content will now be displayed correctly.

In Lightning:
1. Select the gear icon in the upper right-hand corner of the screen and select Setup
2. In the quick find on the left, enter Session Settings.
3. Once session settings is selected, navigate to Enable clickjack protection for customer Visualforce pages with headers disabled and deselect the check box.
4. Select Save

Content will now be displayed correctly.

Workaround:

If clickjack protection must be enabled within an org and stay active, then you can add "*.force.com" as a trusted site.

  1. Setup -> Session Settings -> Trusted Domains for Inline Frames
  2. Click Add Domain
  3. Add the new trust site:

           Url = *.force.com, Context = Visualforce page

Flere ressurser

For additional information about clickjack protection and best practices, please review the resources below:

Salesforce Health Check Trailhead

Putting Visualforce on External Domains  

Salesforce Security Guide

Knowledge-artikkelnummer

000380470

 
Laster
Salesforce Help | Article