[SalesForce] Load an external Javascript library in a Lightning Community

To add external Javascript library to a Lightning Community, we tried including it in HTML head markup options. Result: CORS errors. We have added the URL to a list of trusted sites but it did not help.

We then tried adding the Javascript library as a static resource and use it in a Lightning component via ltng:require scripts="{!$Resource.ResourceName}". The library did load but we weren't able to use it.

Best Answer

added based on comments

You should not use direct # (Id selector) and . (class selector) selectors in jquery (or any other library) as that will cross the component boundary. You should instead use $(component.find('initid').getElement()) which will respect component boundary.

Once the library is loaded $ is available throughout. Also there is no need of onready as you are already invoking the function on afterScriptsLoaded.

Below is the sample script:

COMPONENT:

<ltng:require scripts="{!$Resource.myscripts +'/jquery-3.4.1.min.js'}"
                       afterScriptsLoaded="{!c.scriptsLoaded}" />

<div>
    POC test jquery
</div>

<div aura:id="initid" class="initid">
    initid
</div>

<lightning:button label="Add Text" onclick="{!c.addText}" />
<div aura:id="dynamictext" class="dynamictext">
    dynamictext
</div>

CONTROLLER js:

scriptsLoaded : function(component, event, helper){
    console.log('handle scriptsLoaded load => ', $, jQuery);
    $(component.find('initid').getElement()).text('Added text during init');
},
addText : function(component, event, helper){
    $(component.find('dynamictext').getElement()).text('dynamic text from button');
}

Old answer

I just tested in my org with below code:

COMPONENT file:

<ltng:require scripts="{!$Resource.myscripts +'/jquery-3.4.1.min.js'}"
                       afterScriptsLoaded="{!c.scriptsLoaded}" />

<div>
    POC test jquery
</div>

CONTROLLER js:

scriptsLoaded : function(component, event, helper){
    console.log('handle scriptsLoaded load => ', $, jQuery);
}

And got below log:

handle scriptsLoaded load =>  ƒ (e,t){return new k.fn.init(e,t)} ƒ (e,t){return new k.fn.init(e,t)}

This means it is working in community - even when I login as community user.

Related Solutions

[SalesForce] How to load static resources in Lightning Components from zip file

Since your folder name and static resource name both are myResources, its leading upto a confusion.

You need to include your folder name as well in the path like this.

<ltng:require styles="/resource/myResources/myResources/styles/styles.css" 
                  scripts='/resource/myResources/myResources/scripts/js1.js,
                          /resource/myResources/myResources/scripts/js2.js' 
                  afterScriptsLoaded="{!c.setup}" />

[SalesForce] Place external JS in head of community

As of Summer '17 with locker service and with "Enable Stricter CSP for Lightning Components" Enabled it will no longer be supported. the documentation lists supported tags and attributes as well as an IMPORTANT note.

Important: With the "Enable Stricter CSP for Lightning Components in Communities" critical update, you have control over whether to enforce stricter CSP. When stricter CSP is activated, some of your existing head markup may not work correctly. Test your markup in your sandbox or DE orgs first before activating in live orgs in a future release.

For security purposes, we restrict the tags, attributes, and values allowed in the head markup of your pages

<base>

Allowed Attributes:

href, target

<link>

Allowed Attributes:

as, charset, crossorigin, disabled, href, hreflang, id, import, integrity, media, rel, relList, rev, sheet, sizes, target, title, type

**For rel, allowed values are alternate:

apple-touch-icon, apple-touch-icon- precomposed, apple-touch-startup-image, author, bookmark, external, help, icon, license, manifest, mask-icon, next, nofollow, noopener, noreferrer, pingback, prefetch, preload, prev, search, shortcut icon, stylesheet, and tag.

<meta>

Allowed Attributes:

charset, content, http-equiv,2 name, scheme

**For http-equiv, allowed values are cleartype, content-type, content-language, and default-style.

<title>

None allowed

If you do add scripts you will get the following message:

You will have to monitor and check for critical updates and decide which ones to enable/disable.

Best Answer

Related Solutions

[SalesForce] How to load static resources in Lightning Components from zip file

[SalesForce] Place external JS in head of community

Related Topic