0 votes
1 view
in Salesforce by (11.9k points)

I'm trying to use web workers in lightning component. Using them in lightning component directly fails due to LockerService. Another option of using them inside the newly available lightning: container fails due to CSP rules. Don't know if it matters but I'm using a patch org and developing a managed packed.

The issue I'm getting is:

Refused to create a worker from 'blob:https://xxxx.container.lightning.com/0487b8bd-d72f-4859-a0b7-0b2608a108c0' because it violates the following Content Security Policy directive: "script-src 'self' chrome-extension: https://zzzz.net *.na55.visual.force.com https://ssl.gstatic.com/accessibility/ 'nonce-yyyy'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.

I've created a manifest.json file inside the resource with the following content according to the following documentation:


  "landing-pages" : [


      "path": "index.html",

      "content-security-policy-type": "custom",

      "content-security-policy": "script-src *;"




It seems that my manifest.json is being ignored. Here is the CSP request that is being sent:

{"csp-report":{"document-uri":"https://xxxx.container.lightning.com/lcc/0000/xxxxx/index.html?sfdcIFrameOrigin=https%3A%2F%2Fxxxx.lightning.force.com","referrer":"https://xxxx.lightning.force.com/","violated-directive":"worker-src","effective-directive":"worker-src","original-policy":"default-src 'self'; script-src  'self' chrome-extension: https://zzzz.net *.na55.visual.force.com https://ssl.gstatic.com/accessibility/ 'nonce-yyyy'; object-src 'self' https://xxxx.na55.content.force.com; style-src 'self' chrome-extension: 'unsafe-inline' *.na55.visual.force.com; img-src 'self' http: https: data: blob: *.na55.visual.force.com; media-src 'self' https://xxxx.na55.content.force.com *.na55.visual.force.com; frame-ancestors https://xxxx.lightning.force.com; frame-src https: mailto: *.na55.visual.force.com; font-src 'self' https: data: *.na55.visual.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com *.na55.visual.force.com; report-uri /_/csp","disposition":"enforce","blocked-uri":"blob","line-number":1,"column-number":31921,"source-file":"https://xxxx.container.lightning.com/lcc/0000/xxxxx/all.min.js","status-code":0,"script-sample":""}}

I would like to get Web Workers working in SalesForce lightning component, one way or another. Anyone had similar situation?

Please log in or register to answer this question.

Welcome to Intellipaat Community. Get your technical queries answered by top developers !