SAP Knowledge Base Article - Public

3078874 - Custom Plugin Not Working When Content Security Policy (CSP) is enabled - Recruiting Marketing


Custom Plugin is not appearing when CSP is enabled from the Career Site Builder end.


SAP SuccessFactors Recruiting Marketing

Reproducing the Issue

1. Go to CSB > Settings

2. Data Privacy & Security Settings > Content Security Policy > Enable this feature

3. Go to respective career site > The custom plugin will not load


The following domains inside the custom plugin is not part of the allowed list in the Content Security Policy settings.


In order to verify the following domains in the custom plugin the user can do the following:

1. From the career site > Click on F12 or developer tools;

2. Check the console tab > Verify the URL being blocked by the Content Security Policy header (you will find a red message with the word Refused)

3. Add only the domain part of the URL (e.g. and not in the Content Security Policy configuration within Career Site Builder.

See Also

3044364 - Enabling Content Security Policy for RMK Site - Recruiting Marketing

3069320 - Removing of unsafe-* information in Content Security Policy (CSP) header - Recruiting Marketing


Recruiting Marketing, Content Security Policy, Custom Plugin, CSB, console , KBA , LOD-SF-RMK-CSB , Career Site Builder , LOD-SF-RMK-SEC , Security & Vulnerabilities , Problem


SAP SuccessFactors Recruiting all versions