Nintex Ideas

👋 Use this site to provide feedback and ideas for all Nintex Products. See our post on Nintex Community "Welcome to Nintex Ideas" for more details on Nintex Ideas, how an idea is handled by our product teams and more!


If you have questions about Nintex Ideas, please contact ideas@nintex.com

If you require support, please visit Nintex Customer Central

If you have a sales inquiry, please contact sales@nintex.com

Add a new idea Subscribe
Status Not Planned
Workspace Nintex Automation Cloud (formerly Nintex Workflow Cloud)
Categories Other
Created by Guest
Created on Jul 29, 2022

RELATED IDEAS

Nintex Forms in Salesforce Community

I would like to add a embed a Nintex Form in Salesforce Lightning Component in a Salesforce Community. I can currently do this in a standard Salesforce site by following this article - https://community.nintex.com/t5/Blog/How-to-use-the-Salesforce-Lightning-Component-for-NWC-Forms/ba-p/120121
When trying to do this in a SF Community, I get an error in my browser console saying "Refused to frame 'https://inserttenantnamehere.workflowcloud.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://*.lightning.force.com https://*.visual.force.com"
Salesforce Communities have different URLs compared to a standard Salesforce sites. This leads me to believe the https://*.force.com domain needs to be allowed/whitelisted on the Nintex side.
Thank you!
  • ADMIN RESPONSE
    Sep 7, 2022
    From reading the error at the start of this thread, it looks like the issue is Content Security Policies (CSP) https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy ( https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy ) )

    CSP’s do as the name says and ensures that only allowed content is loaded onto the website, it is a new web standard that was created to help prevent cross site scripting attacks (XSS), code injection and other client-side attacks, and are not regarded as best practice and also highly recommended by many government sites.

    Found this article from Salesforce about CSP’s: https://developer.salesforce.com/docs/atlas.en-us.lightning.meta/lightning/csp_trusted_sites.htm ( https://developer.salesforce.com/docs/atlas.en-us.lightning.meta/lightning/csp_trusted_sites.htm )

    *Possible Solution:*

    From what we understand the entity will need to add ‘ https://sucessteam.workflowcloud.com/ ( https://sucessteam.workflowcloud.com/ ) ’ as a Trusted Site and this should fix the problem as described here: https://developer.salesforce.com/docs/atlas.en-us.lightning.meta/lightning/csp_trusted_sites.htm ( https://developer.salesforce.com/docs/atlas.en-us.lightning.meta/lightning/csp_trusted_sites.htm )
  • Attach files