Symptom
With release 1H 2021 (b2105), a Content Security Policy can be enabled in CSB.
The Content Security Policy, in the form of a Content-Security-Policy HTTP response header, lets you control the resources that are allowed to load for a web page, and is designed to guard against cross-site scripting attacks (XSS).
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.
Environment
SAP SuccessFactors Recruiting Marketing
Resolution
For more information on the enablement of this feature, please check the section of the Recruiting Guide : Enabling the Content Security Policy for a Career Site
To check the Consent Security Policy once you search jobs on the career site :
On your browser, go to Inspect > Networks Tab Select the first URL to see the Consent Security Policy Header and the Domains allowed.
See Also
Keywords
Content Security Policy, Enable, Content-Security-Policy HTTP, cross-site scripting attacks (XSS), RMK-14753 , KBA , LOD-SF-RMK-CSB , Career Site Builder , How To
Product
Attachments
Pasted image.png |
Pasted image.png |