When Clickjack Protection is enabled in Salesforce Session Settings, Visualforce pages that are embedded in the Salesforce Service Console (also called the Lightning App Console) display as completely blank. This occurs because Clickjack Protection prevents pages from rendering inside iFrames, and the Salesforce Service Console uses an iFrame-based architecture to display embedded Visualforce pages.
This issue affects Salesforce products that rely on Visualforce pages for key UI components within the Console:
Disabling Clickjack Protection reduces the security posture of your Salesforce org by allowing Visualforce pages to be rendered inside iFrames from other domains. Review the security implications with your Salesforce administrator or security team before making this change. Consider whether alternative solutions — such as updating Visualforce pages to use Lightning Web Components — are feasible for your org.
000383530

We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.