The Lightning Component framework uses Content Security Policy (CSP) to impose restrictions on content. The main objective is to help prevent cross-site scripting (XSS) and other code injection attacks.
To use third-party APIs that make requests to an external (non-Salesforce) server or to use a WebSocket connection, add a CSP Trusted Site.
Process to add CSP Trusted Sites
- Go to Setup
- Go to my Domain
- Copy Url from “Current My Domain URL” as marked in the screenshot.
- Search for “CSP Trusted Sites” in setup
- Add new
- Provide “Trusted Site Name”
- Provide “https://” in Trusted site URL
- Append “Trusted Site URL” with link from 3rd point.
Note* - This URL is custom to every org (User need to pick the URL part from the org URL)
- Select all the Directives under CSP Directives
Updated 10 days ago