Field service visualforce pages display a blank page or an error referencing CSP settings blocking content when the "Enable clickjack protection for customer Visualforce pages with headers disabled" is enabled

Publiceringsdatum: Sep 11, 2023

Beskrivning

As per the recommendations from the health check, it is required to enable the setting "Enable clickjack protection for customer Visualforce pages with headers disabled" under the session settings page and this might lead to blocking the content of field service visualforce pages.

Note:
Enable clickjack protection for customer Visualforce pages with headers disabled:
Protects against clickjack attacks on your Visualforce pages with headers disabled when setting showHeader="false" on the page.

Lösning

To resolve this issue it is required to add 2 domains in the trusted domains section.

Please follow the below instructions,
- Login to the Salesforce org as a System Admin
- Go to Setup
- In the quick find, search for "Session Settings"
- Go to the "Trusted Domains" section
- Click on "Add Domain"

Domain = https://*.lightning.force.com
IFrame Type = Visualforce Pages

- Click "Save & New"
- Click on "Add Domain"

Domain = https://*.vf.force.com
IFrame Type = Visualforce Pages

- Click "Save"

Example attachment for reference,
ClickJackIssue (1).png

Knowledge-artikelnummer

000394615

Löste denna artikel ditt problem?

Berätta för oss vad vi kan förbättra!

Field service visualforce pages display a blank page or an error referencing CSP settings blocking content when the "Enable clickjack protection for customer Visualforce pages with headers disabled" is enabled

General Information

Required Cookies

Functional Cookies

Advertising Cookies

General Information

Required Cookies

Functional Cookies

Advertising Cookies

Cookie List