CSP Sites: Can't Access Resource Error Message

If you receive an error message like the below, you need to modify your CSP Sites.

Screen_Shot_2019-02-06_at_2.04.13_PM.jpg

 

Salesforce Changes to CSP Security Settings

With Spring 19 release, Salesforce enabled Strict CSP Security settings for new Lightning Communities by default. For existing communities, the default setting is: Allow Inline Scripts and Script Access to Any Third-party Host. Salesforce will be retiring this setting in Winter '20 release according to the SP19 release notes.

At Formstack, we take security seriously. To keep serving our forms seamlessly and to comply with Salesforce security, we have added 2 CSP Trusted Sites as part of our managed package.

  • Production
    • FormstackAPIEndpoint
  • Sandbox
    • FormstackSandboxAPIEndpoint

You can find those in Setup, enter CSP in the Quick Find box, then select CSP Trusted Sites.

 

Actions to be taken by customers

New Customers (new installs - 3.71+)

  • No action needed. CSP sites are added and enabled automatically.

Existing Customers

  • We recommend all customers enable our CSP trusted sites for Formstack to function properly in a Community. This is required when your org is configured for strict security settings.
  • Make sure the following settings in the screenshot below are active.

FormstackCSPTrustedSites.png

 

References:

Was this article helpful?
1 out of 2 found this helpful

Comments

0 comments

Article is closed for comments.