Lightning Experience Setup

Introduction

Lightning Experience is the newest user interface for Salesforce.

With FieldFX built on the Salesforce platform, you can take advantage of Lightning Experience right away.

To use the FieldFX Lightning package starting with version 1.225, you must use the FieldFX Managed Package version 1.529 or higher.

To find the version numbers you have installed, see Check Version Number for FieldFX Managed Package and FieldFX Lightning Managed Package.

Prerequisites

To set up Lightning Experience, you need:

Have these user licenses Have these permissions Complete these tasks
and review these topics
before continuing

None

  • Assign Permission Sets

  • Customize Application

  • Manage Profiles and Permission Sets

  • View Setup and Configuration

None

Step-by-Step Guides

When setting up the Lightning Experience, you can complete these tasks:

Switch to Lightning Experience

  1. Run the Lightning Experience Migration Assistant:

    1. Access FieldFX Back Office.

    2. Switch to Salesforce Classic.

    3. Open Setup.

    4. Click Get Started on the Lightning Experience Migration Assistant panel.

      Screenshot of the Lightning Experience Migration Assistant

    5. Follow the on-screen instructions to learn and set up Lightning Experience.

  2. Update these workflow controls on FieldFX Back Office page layouts to 250 pixels:

  3. Test all FieldFX functionality in Lightning Experience:

    1. Run through the tasks completed during your daily operations.

    2. Verify that everything is working correctly and adjust page layouts where necessary.

      Contact FieldFX Support if you encounter any issues.

Back to Step-by-Step Guides

Add to the CORS Whitelist

FieldFX and Salesforce has a Cross-Origin Resource Sharing (CORS) Whitelist. With this list, FieldFX Visualforce pages can access Salesforce.com content.

For more information on CORS, see Salesforce Help: Add Your Website to the CORS Allowlist.

Access the CORS list by:

  1. In Lightning Experience, open Setup Gear icon.

  2. Enter CORS in the Quick Find box.

  3. At the CORS screen, click New to enter a new URL.

  4. At the Allow an Origin screen, enter a URL in the Origin URL Pattern in the CORS Allowed Origin List Edit section. For more information, see Salesforce Help: Configure Salesforce CORS Allowlist

    The URL must include https://, and can include a port. You can also allow browser extensions. You can use the wildcard character (*) which must be in front of a second-level domain name, for example, https://*.example.com.

  5. Click Save.

    The table of allowed Origins List appears with the new Origin URL Pattern you just entered.

Access CSP Settings

  1. In Lightning Experience, open Setup.

  2. In Setup, enter CSP in the Quick Find box.

  3. Select CSP Trusted Sites.

Ensure Salesforce FXL CSP Setting is Enabled

  1. At the CSP Trusted Sites list, find SalesforceFXL.

  2. Click Edit in the Action column for the Salesforce FXL Trusted Site.

  3. At the CSP Trusted Site Definition (Managed) window, find the Active checkbox in the Content Security Policy Trusted Site Edit > General Information section.

    Field Name Entry / Option

    Trusted Site Name

    SalesforceFXL

    Trusted Site URL

    https://*salesforce.com

    Description

    Optional

    Active
    checkbox

    Select

    Context
    dropdown

    All

  4. If the checkbox is clear, click to enable it.

  5. Click Save.

Enable Clickjack Protection

Clickjacking is a tactic in tricking a user to click on a link that performs malicious actions. The actions could be data intrusion, unauthorized emails, change credentials, etc. The trusted domain could have a transparent UI control that is on top of a button. The user thinks they are clicking on the button, but they are clicking on an invisible button that takes them somewhere else, thus their link was clickjacked.

Salesforce uses clickjack protection for Visualforce pages but the admin must enable the protection in their org.

  1. While in Setup, enter Session Settings in the Quick Find search box.

  2. At the Session Settings screen, find the Clickjack Protection section.

    1. If not already selected, select the Enable clickjack protection for Setup pages checkbox.

    2. If not already selected, select the Enable clickjack protection for non-Setup Salesforce pages checkbox.

  3. Save your changes.

Back to Step-by-Step Guides

Enable Trusted Domains for Inline Frames

Some Visualforce pages use iFrames, or inline frames, to display content. To protect your domain and Visualforce pages using iframes from clickjacking, you can add these domains so they allow iframing.

  1. While in Setup, enter Session Settings in the Quick Find search box.

  2. At the Session Settings screen, find the Trusted Domains for Inline Frames section.

    1. To add a domain, click Add Domain.

    2. Enter the domain name in Domain.

      If the domain name is a Visualforce page, add force.com.

    3. Choose the iFrame Type and select Visualforce Pages.

    4. Click Save or Save & New to add another domain.

  3. Back in the Trusted Domains for Inline Frames section, select one or both of these checkboxes:

    • Enable clickjack protection for customer Visualforce pages with standard headers

    • Enable clickjack protection for customer Visualforce pages with headers disabled

  4. Save your changes.

Back to Step-by-Step Guides

Enable CSP Trusted Site Definition

If you are unable to see your file uploads using the FXL File Viewer, you may need to add or edit the CSP Trusted Site Definition.

  1. While in Setup, enter CSP in the Quick Find search box.

  2. Select CSP Trusted Sites.

  3. At Content Security Policy Trusted Sites window, ensure there is a Trusted Site for the FXL File Viewer.

  4. To edit the Trusted Site entry, click Edit next to the entry.

    • Under CSP Directives, ensure that all the checkboxes are checked:

      CSP Directives checkbox: Allows Lightning Components to load this:

      Allow site for connect-src

      URLs using script interfaces from this site.

      Allow site for font-src

      Fonts from this site.

      Allow site for img-src

      Images from this site.

      Allow site for media-src

      Audio and video from this site.

      Allow site for style-src

      Stylesheets from this site.

Back to Step-by-Step Guides

Recommended Reading