Third-Party Library Considerations for Lightning Web Security
Third-party scripts can encounter issues when running with Lightning Web Security (LWS) enabled if they have these behaviors.
Some third-party scripts expect to add themselves to the global window
object. LWS confines them to a sandbox where they access a virtual copy of the global window
object.
To ensure that the code runs in the global scope of the LWS sandbox instead of attempting to access the actual global scope, modify the script code to assign self
to global
.
In this code, this
is passed to the closure function as global
. With LWS, this
and global
are undefined, so this code makes sure that global
evaluates as the sandbox global
.
If a third-party library script explicitly sets "use strict"
, the browser can throw errors when your components use the script while running in LWS.
For example, errors occur if the script attempts to set something in the global object. LWS implicitly enforces most strict mode restrictions, but allows writing to virtual global objects in its JavaScript sandboxes. Setting strict mode explicitly in code interferes with LWS.
The workaround is to remove "use strict"
in the third-party script.
Alternatively, modify the third-party code to assign self
to global
as shown in the Third-Party Library Sets Up on Global window
Object section.