unrecognized content-security-policy directive 'referrer'

Hi, I have a page created for a specific user that no longer works.

It was all working fine last week and have no made changes on it recently.

Nor have i updated skuid (on 8.15.14) during that time

I think it may have to do with new salesforce release? as it coincidently started at the same time

Now user can no longer view the content on that page, and here’s errors.

As admin i can view and use this page no problem, but user cannot

I’ll appreciate any help I can get

thks

Hello, same exact problem for me … I also think it may have to do with the last release since the error point on the initLocker function

Dave and Jordane,

Some questions to investigate:

  1. Is this page in Lightning?
  2. What browser are you using?
  3. For the user experiencing the problem, does the page load at all or is it just blank?
  4. Do you have any custom Javascript resources on the page?
  5. Can you please post the whole content of the console to show all the errors?
  6. Do you see this issue on only one page or multiple pages? If multiple pages is there any characteristics that those pages share, such as an external data source or specific component?

Just to make sure,
Are you also on 8.15.14?
Have you also not updated Skuid recently?
Is it also the case for you that a system admin can view the page but other users can’t?

Hi Amy,

1- No
2- Chrome version Version 56.0.2924.87 (but also tried on explorer and firefox, same issue)
3- it does not load and here’s error messages i get: Insufficient Privileges
4- Just some snippets to conditionally highlight values (use same snippets in many other pages with no issue)
5- sure, see below
6- So far this is the only page that causes me issues… It’s used as custom homepage, but even trying to access that page directly , user has same problem

Not 100% what u mean by whole content, but here :

Copy /pasted: 2about:blank:1 Unrecognized Content-Security-Policy directive ‘referrer’.

2/jslibrary/1485897292000/sfdc/SfdcSessionBase204.js:31 Unrecognized Content-Security-Policy directive ‘referrer’.

b @ /jslibrary/1485897292000/sfdc/SfdcSessionBase204.js:31

https://login.salesforce.com/17181/logo180.png Failed to load resource: the server responded with a status of 404 (Not Found)

InteractionFramework.js:14 Unrecognized Content-Security-Policy directive ‘referrer’.

a

Here’s a couple SS and sorry just realized i posted wrong Screenshot in Original post :frowning:


Thank you

Dave,
Does the page have a page include on it? If so, can you check that the profile of the user experiencing the problem has the Include Visualforce page access?

Do you know if anything has changed in your Salesforce security setup recently? That error looks like the user does not have permission to view something on the page, perhaps at an object or record level.

Hi Amy,

Well you hit the issue right on! it has to do with the ‘include’ vf page not in this profile…

But what is really weird is that is that is was working fine all the time before the issue started last week…

Well, at the same time you did inadvertently fixed another similar issue i had (see this post)

I don’t understand, but glad it works 

So thank you again!


Dave,

Glad to hear that solved it!

I had this error.  Mine was because a snippet I was running was referencing a static resource path that existed in another environment.  The error is not super helpful!  :/

I had this error too only on my site page.  I use static resource path. Has this bug been fixed?

If you get ‘unrecognized content-security-policy directive ‘referrer’’ in your console that’s actually okay; that error won’t cause any issues with your page. If your page is experiencing issues, can you post a screenshot of your entire console? 

Thanks!


Why I get this error on site (as site guest user) and don’t on visualforce page (as admin)

Just in cased u missed it, Did u give access to that Site Guest User profile to the 'Include" VF page? if no see Amy’s post a little higher

Good Luck

I added this page many month ago. This site worked a few years.