0

We have had an issue in our Salesforce sandboxes since the start of the week. Salesforce support has been pretty useless from the beginning.

Problem: Our Angular app is unable to send requests to an outside server.

Content-Security-Policy: The page’s settings blocked the loading of a resource (connect-src) at https://ourserver.com/api/user?userId=username because it violates the following directive: “connect-src 'self' wss://org--c.sandbox.container.force.com:80”

This Angular app is inside a lightning container that loads up the .zip from the static resource file system. We have added this server to Security -> Trusted URLs since the beginning. And everything has been working fine for a long time until now. Other calls to the said server still work fine. It's just that the calls happening inside the Angular app are no longer working.

Has there been an update to sandboxes during the previous weekend that might be the cause of this?

Our org (sandboxes and prod) has been migrated to Hyperforce. Production is still working fine (fingers crossed). Problem is currently only affecting our two sandboxes.

Any help or ideas are more than welcome!

Improve this question
4
  • 1
    Have you checked status.salesforce.com to view the current SF release and the maintenance history of your sandbox instances? Commented Sep 4, 2024 at 17:18
  • Thank you David for the comment. Yes, apparently the Winter '25 Major Release was pushed to the sandbox instances on Saturday which explains why this integration broke when it did. However the release did not contain CSP changes that would explain why Trusted URLs parameter list would not be available to lightning container applications Commented Sep 4, 2024 at 18:05
  • I assume you've already looked at this article, right? Can you edit your post to describe the things you've already checked? Commented Sep 4, 2024 at 18:59
  • Hi David, yes the domain is and has been on the Trusted URLs list since last year. We also do not get any CSP Violations entries when trying to open the Angular application. We do have buttons, etc in salesforce that send HTTP request to the same domain and those do work. Only the Angular app (lightning container component) does not. Commented Sep 4, 2024 at 19:38

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.