KI-121
Salesforce Summer ’24: CSP directives prevent Microsoft 365™ iframes from loading
Created date | 05/17/2024 | Updated date | 08/22/2024 | ||||||||||||
Status | Backlog | Related work item | PLTFM-2721 | ||||||||||||
Description | As part of Salesforce’s Summer ’24 release, Salesforce is updating the content security policy (CSP) directives for Lightning pages. This prevents Microsoft 365™ domains that are embedded as iframes in Lightning pages from loading and may prompt an error in your browser. For more information about the release update, reference Salesforce’s documentation. | ||||||||||||||
Affects version(s) | All versions | Impacted capabilities | N/A | ||||||||||||
Steps to reproduce |
| ||||||||||||||
Workaround | To ensure that Microsoft 365™ iframes load as expected, configure Microsoft 365™ as a trusted site:
For more information about CSP rules and trusted URLs, reference Salesforce's documentation. | ||||||||||||||
Fix version | Resolution notes |