Salesforce | What is CSP Trusted site in sfdc?

Tagged: Content Security Policy, Cross Site Scripting, CSP, Lightning Component Framework, SFDC, Third Party API

Salesforce® Discussions

What is CSP Trusted site in sfdc?

Posted by Saddam on September 13, 2019 at 11:05 am

What is CSP Trusted site in sfdc?

Piyush replied 5 years, 5 months ago 3 Members · 2 Replies
2 Replies

Laveena

Member
September 13, 2019 at 11:37 am

Hi Saddam,

The Lightning Component framework uses Content Security Policy (CSP) to impose restrictions on content. The main objective is to help prevent cross-site scripting (XSS) and other code injection attacks. To use third-party APIs that make requests to an external (non-Salesforce) server or to use a WebSocket connection, add a CSP Trusted Site.

Thanks
Piyush

Member
September 16, 2019 at 5:16 am

Hi,

Content Security Policy is enforced by adding an HTTP header with name “Content-Security-Policy” and defining a rule pattern. Based on the ruleset defined, the browser restricts the web page from downloading malicious content from unknown sources.

Popular Salesforce Blogs

Understanding the role of Salesforce Consulting in Driving Digital Transformation

Blog in Salesforce Consultant

In today’s rapidly evolving business environment, digital transformation has become a critical priority for companies across all industries. Digital transformation integrates digital technology into an…

Digital Transformation, Lead generation, Lead Nurturing, Marketing Automation Platform, Personalized Customer Experiences

DemandBlue Jul 26, 2023

1,465 Views

Salesforce Marketing Cloud vs Mailchimp | The Ultimate Guide

Blog in Marketing

Contents Salesforce Marketing Cloud vs Mailchimp: Choosing the Right Marketing Platform Target Audience Email Marketing Automation Analytics and Reporting Integration Pricing Scalability Support and Training…

A/B Testing, Analytics, Automation, Budget-Friendly, Customer Behavior

Kizzy Consulting Mar 19, 2024

560 Views

Top 11 Extensions for Salesforce Developers

Blog in Salesforce

Extensions are computer programs that let users personalize their Chrome surfing experience. They are created using web technologies like HTML, CSS, and JavaScript. documentation for…

Accurate Insights, analysis, Apex Classes, Apex Triggers, API Names

SP Aug 30, 2023

960 Views

How to Prepare for Salesforce Platform App Builder (CRT-402) ?

Video in Salesforce Certifications

The Salesforce Platform App Builder certification focuses on the different declarative functions available to an admin. Development and code are not included, but it focuses…

Salesforce Training, Salesforce Certification, Lightning Platform, Salesforce Video, Salesforce Learning

Jogender Nov 6, 2020

1,496 Views

Google Lead Form Extension To Salesforce | Salesforce Tutorial

Video in Others, Salesforce Training

Google Lead Form extension to Salesforce. This tutorial will cover the following points - 1. Introduction Learn how to integrate leads from Google lead form…

Salesforce Tutorial, salesforce, Salesforce Video, Salesforce Account, Dell Boomi

Algoworks Mar 1, 2021

1,558 Views

What are Profiles and Permission Sets in Salesforce ? | Object Level Security in Salesforce

Video in Salesforce Security

In this video, Shrey have explained complete Object Level Security in Salesforce which includes: 1. What is the significance of defining Object-level security in Salesforce?…

Salesforce Security, Salesforce Learning Steps For Beginners, Easy Way To Learn Salesforce, Best Salesforce Tutorials, Salesforce Profiles And Permission Sets