Content Security Policy directive: "connect-src 'self'

meribinks · December 21, 2023, 2:08am

Hello!
I am new to Skuid and I have a button that calls a js snippet. My js uses setInterval to poll an Invocable method.
It worked great until I added the Skuid page in a lightning page then i got this error
Content Security Policy directive: "connect-src ‘self’

Here’s my script:

var $ = skuid.$;
var interval = 3000;
var request = ‘{“inputs”:[’;
var Quote = skuid.model.getModel(‘Quote’);
$.each(Quote.data,function(i,row){
request += ‘{“recordIds”:"’ + row.Id + ‘"},’;
});
request = request.substring(0, request.length-1);
request += ‘]}’;
var setTimeInterval = setInterval(function(){
//console.log(‘hi:’ + Quote.data[0].Id);
console.log(‘@@@enter setInterval’);
$.blockUI({ message: ‘Recalculating…’});
$.ajax(‘/services/data/v56.0/actions/custom/apex/CPQRecalculateHelper’, {
data: request,
type: ‘POST’,
crossDomain: true,
dataType: “json”,
beforeSend: function(xhr) {
xhr.setRequestHeader(‘Authorization’, 'Bearer ’ + sforce.connection.sessionId);
xhr.setRequestHeader(‘Content-Type’, ‘application/json’);
},
success: function(response) {
console.log(response[0]);
if (response[0].outputValues.output == false){
console.log(‘done’);
clearInterval(setTimeInterval);
$.unblockUI();
} else {
console.log(‘not yet done’);
}
},
error: function(jqXHR, textStatus, errorThrown) {
console.log([jqXHR, textStatus, errorThrown]);
clearInterval(setTimeInterval);
$.unblockUI();
}
});
},interval);

I know Salesforce has been strict with CSP but I’m wondering if what i’m trying to do is possible in skuid? Is there any available action (?) wheren i can poll an invocable method?

Any help is appreciated.

Skuidward_Tentacles · December 21, 2023, 11:56am

I’m not sure if this is relevant to this situation, but I recently had an issue with an inline frame that loaded a Skuid page inside a Skuid page. I used the relative URL (where you leave off the root in the beginning and Skuid adds it for you).

The issue was that there were actually several root URLs that I could use to access the Skuid page and depending on how the user was accessing the page the root URL would be different. If the root URL they used to arrive at the page was different than the root URL that was prepended to the relative URL, I would get a similar error to what you are seeing.

My guess would be that the root URL being added to differs from the root URL that is used in lightening so Salesforce is flagging it as a CSP issue. Maybe try using the full URL here that includes the root URL used by the lightning page you are loading this script in.

‘/services/data/v56.0/actions/custom/apex/CPQRecalculateHelper’

Rob_Hatch · December 21, 2023, 3:38pm

A few random thoughts.

You might add a CSP directive to the same site where you are accessing this information. (See Trusted URL’s in sf Setup)
Salesforce does not allow you to query the Salesforce API from within a Lightning Component. See this StackExchange post.. I’m not reading your code in great detail - but this may an issue. Try hosting the page in a VF component instead and see if that works…
Skuid allows you to call Invokable apex directly from our actions. See Docs here: Invocable Methods and the Apex Data Source Action — Skuid v16.4.2 Documentation.

meribinks · December 29, 2023, 12:08am

I found a way to poll the data i need without using ajax, i used model instead.

Thank you both for your quick response.