...
Info |
---|
Links: |
Digizuite DAM Center
Dam Center uses the httpProtocol CustomHeaders to inject the CSP configuration.
...
Older DC Versions does not have this endpoint - instead the Developer Console in Google Chrome can be used to find policies needed.
Example CSP Policy for DC 5.5.0
Code Block |
---|
<add name="Content-Security-Policy-Report-Only" value=" report-to /dmm3bwsv3/csp-reports; report-uri /dmm3bwsv3/csp-reports; base-uri 'self'; default-src 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; img-src data: 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; " /> |
Example CSP Policy for DC before 5.5.0
Code Block |
---|
<add name="Content-Security-Policy-Report-Only" value=" base-uri 'self'; default-src 'self'; style-src-attr 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; img-src data: 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; " /> |
...