SAP Knowledge Base Article - Public

3044364 - Enabling Content Security Policy for RMK Site - Recruiting Marketing


With release 1H 2021 (b2105), a Content Security Policy can be enabled in CSB. 

The Content Security Policy, in the form of a Content-Security-Policy HTTP response header, lets you control the resources that are allowed to load for a web page, and is designed to guard against cross-site scripting attacks (XSS).

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental. 


SAP SuccessFactors Recruiting Marketing


For more information on the enablement of this feature, please check the section of the Recruiting Guide : Enabling the Content Security Policy for a Career Site

To check the Consent Security Policy once you search jobs on the career site :

On your browser, go to Inspect > Networks Tab Select the first URL to see the Consent Security Policy Header and the Domains allowed.  

See Also

Data Privacy & Security Settings in Career Site Builder Settings


Content Security Policy, Enable, Content-Security-Policy HTTP, cross-site scripting attacks (XSS), RMK-14753 , KBA , LOD-SF-RMK-CSB , Career Site Builder , How To


SAP SuccessFactors Recruiting all versions


Pasted image.png
Pasted image.png