clarify trailing slash dependency in cdnBasePath

jansenbe · jansenbe · commit ac4386653e2a · 2025-12-17T19:43:50.000+01:00
diff --git a/docs/spfx/content-securty-policy-trusted-script-sources.md b/docs/spfx/content-securty-policy-trusted-script-sources.md
@@ -131,6 +131,7 @@ However, if your solution implements [Option 3](#option-3-dynamically-load-a-scr
 
 > [!IMPORTANT]
 >
+> - When you've configured the `cdnBasePath` without a trailing slash then added entry in **Trusted script sources** needs to be updated by adding the trailing slash. In future this will happen automatically, but for already added solutions this update needs to be done manually.
 > - If your SPFx solution loads scripts any other way, you'll need to manually add an entry to the **Trusted script sources**. If your SPFx solutions use inline script, then the recommended approach is to move the inline script into a script file, as **inline script will be blocked by the Content Security Policy (CSP)** in SharePoint Online.
 > - The community [Script Editor web part](https://github.com/pnp/sp-dev-fx-webparts/tree/main/samples/react-script-editor) and its variations also use an inline script whenever the user adds a script on a page via the web part. Added script will not execute, added HTML will still work.
 > - CSP is only enforced for scripts on non-classic pages; for example, a SharePoint SPFx web part hosted on a classic wiki page will not have policies applied.

Original file line number	Diff line number	Diff line change
`@@ -131,6 +131,7 @@ However, if your solution implements [Option 3](#option-3-dynamically-load-a-scr`
`131`	`131`
`132`	`132`	`> [!IMPORTANT]`
`133`	`133`	`>`
	`134`	+> - When you've configured the `cdnBasePath` without a trailing slash then added entry in Trusted script sources needs to be updated by adding the trailing slash. In future this will happen automatically, but for already added solutions this update needs to be done manually.
`134`	`135`	`> - If your SPFx solution loads scripts any other way, you'll need to manually add an entry to the Trusted script sources. If your SPFx solutions use inline script, then the recommended approach is to move the inline script into a script file, as inline script will be blocked by the Content Security Policy (CSP) in SharePoint Online.`
`135`	`136`	`> - The community [Script Editor web part](https://github.com/pnp/sp-dev-fx-webparts/tree/main/samples/react-script-editor) and its variations also use an inline script whenever the user adds a script on a page via the web part. Added script will not execute, added HTML will still work.`
`136`	`137`	`> - CSP is only enforced for scripts on non-classic pages; for example, a SharePoint SPFx web part hosted on a classic wiki page will not have policies applied.`