Customers using the CSP Trusted Sites feature may receive a 500 or 502 server internal error if the HTTP header size exceeds the limit of 8 KB. We recommend that you review your trusted sites, deselect directives that aren't relevant for the site and use the wildcard character (*) when appropriate to reduce repetition.
Navigate to the Salesforce Setup:
If you’re using Lightning Experience, click the settings icon, then select Setup Home.
If you’re using Salesforce Classic and you see Setup in the user interface header, click it.
If you’re using Salesforce Classic and you don’t see Setup in the header, click your name, then select Setup.
Enter "CSP Trusted Sites" in the Quick Find box, then select the appropriate page from the menu.
Search for the following entries and delete them by pressing "Del" under the "Action" column on the specific row of the listed entry:
Note: You do not need to create this entry unless you plan to use the Instagram Platform.
Under General Information, enter Instagram_CDN as the Trusted Site Name and https://lookaside.fbsbx.com as the Trusted Site URL.
Under CSP Directives, check the checkbox next to "Allow site for img-src" and "Allow site for media-src", and uncheck the rest of the checkboxes.
After making changes to the CSP Trusted Sites, all the users of the org should clear their browser cookies and hard-refresh the Salesforce browser tabs/windows to make sure that the new configuration propagates as expected.