Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

Links:

Digizuite DAM Center

Dam Center uses the httpProtocol CustomHeaders to inject the CSP configuration.

...

Older DC Versions does not have this endpoint - instead the Developer Console in Google Chrome can be used to find policies needed.

Example CSP Policy for DC 5.5.0

Code Block
<add name="Content-Security-Policy-Report-Only" value="
report-to /dmm3bwsv3/csp-reports;
report-uri /dmm3bwsv3/csp-reports;
base-uri 'self';
default-src 'self';
style-src-attr 'unsafe-inline';
style-src-elem 'self' 'unsafe-inline';
img-src data: 'self';
script-src 'self' 'unsafe-inline' 'unsafe-eval';
" />

Example CSP Policy for DC before 5.5.0

Code Block
<add name="Content-Security-Policy-Report-Only" value="
base-uri 'self';
default-src 'self';
style-src-attr 'unsafe-inline';
style-src-elem 'self' 'unsafe-inline';
img-src data: 'self';
script-src 'self' 'unsafe-inline' 'unsafe-eval';
" />

...