Salesforce published a release updating the Content Security Policy (CSP) directives for Lightning pages to help protect organizations against cross-site scripting and other code injection attacks. This update restricts web content display within Salesforce; web content can include the SharinPix website and its images on Salesforce record pages or fields. If no CSP Trusted URLs are configured and activated for SharinPix in the organization, errors like the above will show. Images will also appear broken on Salesforce fields.

Adding the Trusted URLs for SharinPix will ensure compliance with the Salesforce update and enable access to the SharinPix component.

To address blank SharinPix components or components not rendered on your Salesforce organization, please proceed as follows:

1. Update your SharinPix package to the latest version. For steps on how to update the SharinPix package, please refer to this documentation: How to update SharinPix package from the AppExchange?. The minimum version required is 1.308.
2. Once the package is updated, please ensure that the CSP Trusted Sites entries for SharinPix are activated as demonstrated below:
   • Go to Setup. Enter CSP in the Quick Find Box.
   • Under Security, select Trusted URLs.
   • Then, click the entry labeled SharinPix and ensure that the Active checkbox is checked.
   • To complete, click the SharinPixProxy entry and ensure that the Active checkbox is checked.

The following steps should only be followed if a package upgrade is not feasible on an org. A package upgrade is, however, highly recommended to stay up to date with the latest features and fixes.

To add a CSP Trusted Site for SharinPix, please proceed as follows:

1. Go to Setup. Enter CSP in the Quick Find Box.
2. Under Security, select Trusted URLs.
3. Then, click on New Trusted Site as shown below: