Open jove4015 opened 3 years ago
This issue has been linked to a new work item: W-9302694
This issue has been linked to a new work item: W-9302695
Hi Team,
I am also facing a similar issue in code. Did anyone find the solution to resolve this issue?
Regards, Puneet Gaur
There is currently no update on this issue from the Lightning base component team.
Hi Salesforce Team,
My Org is also seeing this issue. Please do provide an update on this.
Thanks, Sunil
same issue
Same here
Same here
Description
Steps to Reproduce
https://webcomponents.dev/edit/iOI2o9ZhYfIQhL32Mzth
Expected Results
Should be able to click from step to step in progress indicator without CSP errors in console.
Actual Results
You get this error in the console, and none of the progress-step events fire:
Refused to run the JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-OdZeVsYPce120YkcJhVd5EoK5VP1rai6' chrome-extension: 'unsafe-inline' 'unsafe-eval' .canary.lwc.dev .visualforce.com https://ssl.gstatic.com/accessibility/". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
This does not happen on webcomponents.dev because the CSP is not the same as a Salesforce org. You have to do this in an actual Salesforce org to see the problem.
Browsers Affected
Chrome, Latest
Version
Unclear. This is in my pretty standard sandbox.
Possible Solution
If you look at the code generated, you will see this:
`
<a aria-selected="true" href="javascript:void(0);" role="option" tabindex="0" class="slds-path__link">
...
` Can we please remove the javascript:void(0) and replace with something valid under Salesforce's CSP?
Additional context/Screenshots
I believe a "#" would be sufficient.