Loading

Salesforce Visualforce Pages Display Blank in Service Console Due to Clickjack Protection Settings (Field Service, Health Cloud, Financial Services Cloud)

Udgivelsesdato: Jun 22, 2026
Beskrivelse

Issue

When Clickjack Protection is enabled in Salesforce Session Settings, Visualforce pages that are embedded in the Salesforce Service Console (also called the Lightning App Console) display as completely blank. This occurs because Clickjack Protection prevents pages from rendering inside iFrames, and the Salesforce Service Console uses an iFrame-based architecture to display embedded Visualforce pages.

Affected Products

This issue affects Salesforce products that rely on Visualforce pages for key UI components within the Console:

  • Salesforce Field Service — affects list views built on Visualforce
  • Salesforce Health Cloud — affects Patient Cards and Patient List Views
  • Salesforce Financial Services Cloud — affects similar list view components built on Visualforce
Løsning

 

Resolution: Disable Clickjack Protection in Session Settings

  1. Go to Setup.
  2. In Lightning Experience, navigate to Security, then Session Settings. In Salesforce Classic, navigate to Security Controls, then Session Settings.
  3. Deselect the setting "Enable clickjack protection for customer Visualforce pages with standard headers".
  4. Deselect the setting "Enable clickjack protection for customer Visualforce pages with headers disabled".
  5. Click Save.

Security Note

Disabling Clickjack Protection reduces the security posture of your Salesforce org by allowing Visualforce pages to be rendered inside iFrames from other domains. Review the security implications with your Salesforce administrator or security team before making this change. Consider whether alternative solutions — such as updating Visualforce pages to use Lightning Web Components — are feasible for your org.

 

Yderligere ressourcer
Vidensartikelnummer

000383530

 
Indlæser
Salesforce Help | Article