I am working on a lightning component in my Salesforce Community. Yesterday it worked fine and out of the blue, I started getting the following error in the community builder. I am including the Twitter Widget js file in a static resource. I am also receiving the second error in the browser while visiting the page. Has anyone had issues like this before or with including a Twitter share button in their lightning components?
The full error messages I am receiving is:
Custom Script Eval error [SecureDOMEvent: [object Event]{ key: {"namespace":"c"} }]
and
Refused to load the script 'data:application/javascript;base64,DOZENSOFRANDOMCHARS' because it violates the following Content Security Policy directive: "script-src * 'unsafe-inline' 'unsafe-eval'".
Best Answer
This is likely caused by a change that Salesforce made in Winter 19:
Stricter CSP Restrictions
You can disable this. Follow these steps:
Stricter CSP is enabled by default. To disable it:
More details here