Salesforce Spring ’25 Update: Important Changes to CSP Directives & Sprout iframe

Starting with Salesforce’s Spring ’25 release, stricter Content Security Policy (CSP) directives will be enforced on Lightning Pages. These new rules are designed to keep your Salesforce environment secure by preventing cross-site scripting and other code injection attacks that can occur from loading externally hosted resources like scripts, fonts, images, audio, video and stylesheets in Salesforce Lightning Web Pages.

What This Means for Sprout Social Users

This update will block the Sprout Social iframe from loading in the Lightning Web Component used in your Case page layout—unless you make a few easy changes to avoid any disruptions.

Here’s what to do:

  • Add sproutsocial.com as a Trusted URL: Ensure Sprout Social can continue to load smoothly by adding it as a trusted source. Be sure to select “frame-src” as the directive that allows iframes from this URL to load.
  • Upgrade to Version 1.5: Head over to the AppExchange and upgrade to the latest version of the managed package. This version includes a built-in component that automatically adds *sproutsocial.com as a trusted URL for iframes.

You can check your current settings by going to Setup > Security > Session Settings > Content Security Policy (CSP) Directive Rendering. Look for the option to adopt the updated CSP directives, which will be automatically applied when Spring 25 rolls out.

Related Posts
Salesforce OEM AppExchange
Salesforce OEM AppExchange

Expanding its reach beyond CRM, Salesforce.com has launched a new service called AppExchange OEM Edition, aimed at non-CRM service providers. Read more

The Salesforce Story
The Salesforce Story

In Marc Benioff's own words How did salesforce.com grow from a start up in a rented apartment into the world's Read more

Salesforce Jigsaw
Salesforce Jigsaw

Salesforce.com, a prominent figure in cloud computing, has finalized a deal to acquire Jigsaw, a wiki-style business contact database, for Read more

Health Cloud Brings Healthcare Transformation
Health Cloud Brings Healthcare Transformation

Following swiftly after last week's successful launch of Financial Services Cloud, Salesforce has announced the second installment in its series Read more

author avatar
get-admin