The Lightning Component framework uses Content Security Policy (CSP), which is a W3C standard, to control the source of content that can be loaded on a page. To use third-party APIs that make requests to an external (non-Salesforce) server, add the server as a CSP Trusted Site.
IMPORTANT : You can’t load JavaScript resources from a third-party site, even a CSP Trusted Site. To use a JavaScript library from a third-party site, add it to a static resource, and then add the static resource to your component. After the library is loaded from the static resource, you can use it as normal.
1.From Setup, enter CSP in the Quick Find box, then select CSP Trusted Sites.
This page displays a list of any CSP Trusted Sites already registered, and provides additional information about each site, including site name and URL.
2.Select New Trusted Site.
3.Name the Trusted Site.
For example, enter Google Maps.
4.Enter the URL for the Trusted Site.
The URL must begin with http:// or https://. It must include a domain name, and can include a port.
5.Enter a description for the Trusted Site.
6.To temporarily disable a Trusted Site without actually deleting it, deselect the Active checkbox.
7.Select the Context for this trusted site to control the scope of the approval.
CONTEXT
All – (Default)CSP header is approved for both your organization’s Lightning Experience and Lightning Communities
LEX – CSP header is approved only for your organization’s Lightning Experience
Communities – CSP header is approved only for your organization’s Lightning Communities
NOTE : To enable corresponding access for Visualforce or Apex, create a Remote Site.
8.Select Save.
This information is very useful to create CSP Trusted sites to Access Third-Party APIs.
Author Bio
