SAP Knowledge Base Article - Public

3044364 - Enabling Content Security Policy for RMK Site - Recruiting Marketing

Symptom

With release 1H 2021 (b2105), a Content Security Policy can be enabled in CSB. 

The Content Security Policy, in the form of a Content-Security-Policy HTTP response header, lets you control the resources that are allowed to load for a web page, and is designed to guard against cross-site scripting attacks (XSS).

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental. 

Environment

SAP SuccessFactors Recruiting Marketing

Resolution

For more information on the enablement of this feature, please check the section of the Recruiting Guide : Enabling the Content Security Policy for a Career Site


To check the Consent Security Policy once you search jobs on the career site :

On your browser, go to Inspect > Networks Tab Select the first URL to see the Consent Security Policy Header and the Domains allowed.  



See Also

Data Privacy & Security Settings in Career Site Builder Settings

Keywords

Content Security Policy, Enable, Content-Security-Policy HTTP, cross-site scripting attacks (XSS), RMK-14753 , KBA , LOD-SF-RMK-CSB , Career Site Builder , How To

Product

SAP SuccessFactors Recruiting all versions

Attachments

Pasted image.png
Pasted image.png