Zoom Embedding Without React Web Workers

Hi! I am embedding Zoom CDN into a CRM portal (Salesforce) where I have whitelisted all the script tags Zoom needs. Whitelisting gives certain levels of CSP policies for those URLs, mainly “script-src”

One CSP Policy the portal does not allow is worker-src. This is problematic because the react-dom plugin used by zoom utilizes Web Workers which fails and causes a "Join meeting timeout" error from Zoom.

HOWEVER If I click “Retry” on that timeout message, the meeting will load without issue.

My question is: Is there a way to embed zoom, or load react-dom without web workers referenced by the plugin? It seems like there is some sort of fallback method that is called on retry.

Refused to create a worker from ‘blob:https://…’ because it violates the following Content Security Policy directive: "script-src ‘self’ ‘unsafe-eval’ ‘unsafe-inline’ (whitelisted urls here). Note that ‘worker-src’ was not explicitly set, so ‘script-src’ is used as a fallback.

Which version?


Smartphone (please complete the following information):

  • Device: Mac Laptop
  • OS: High Sierra
  • Version: 10.13.6
  • Browser:Chrome

bump! Would love a response from zoom / an SDK guru.

We’d really love to integrate the SDK on salesforce, and we know there is some fallback mechanism behind the scenes if web-workers fail. Anyone able to help us out here?

Hey @jpower, @mlandels,

To fix this issue, please upgrade to at least Web SDK version 1.7.8: