Managing CORS with the Salesforce Interactions SDK Launcher
The Salesforce Interactions SDK Launcher is a Google Chrome extension that supports launching the Marketing Cloud Personalization Visual Editor on any domain. You can install this extension from the Chrome Web Store.
If you have the legacy Evergage Visual Editor Chrome extension installed, you must disable it for the Salesforce Interactions SDK Launcher to work correctly.
- The value of the
default-srcdirective must include
- If you're using
style-srcdirectives in place of
default-src, then each directive must include
'https://cdn.evergage.com'in their values.
- If the policy includes the
frame-ancestorsdirective, the value must include
'self'. (Generally, if this directive is in use, its value is set to
none, which prevents the Visual Editor from framing in your page.)
X-Frame-Options must be set to
SAMEORIGIN which allows the page to be displayed within an
<iframe>, provided that the parent/frame domains are of the same origin.
Some pages utilize other methods of blocking the loading of unknown resources. If your page restricts the loading of scripts or assets to specific domains in different ways, you must allowlist
To ensure that the Salesforce Interactions SDK Launcher extension works correctly, check and configure the following extension and browser settings.
chrome://extensionson Google Chrome
- Select Details on the Salesforce Interactions SDK Launcher tile
- Set Set Access to On all site
chrome://settings/cookieson Google Chrome
- Disable Block third-party cookies
- External Link: MDN Web Docs: