SAP Knowledge Base Article - Public

3069320 - Removing of unsafe-* information in Content Security Policy (CSP) header - Recruiting Marketing

Symptom

Possibility of removing  unsafe-* information Content Security Policy (CSP) in CSB.

Environment

SAP SuccessFactors Recruiting Marketing

Resolution

As per Engineering and Product Management team even though the Content Security Policy (CSP) includes unsafe-* information, we don't have any vulnerabilities in the system. As of now we cannot remove this from the header. If you want to add the functionality of removing this in the header then you can raise an enhancement request in this article 2090228 - How to Submit Ideas for SAP SuccessFactors Products.

See Also

2090228 - How to Submit Ideas for SAP SuccessFactors Products.

3044364 - Enabling Content Security Policy for RMK Site - Recruiting Marketing

Keywords

Content Security Policy, unsafe, vulnerability, CSB, Recruiting Marketing, Header , KBA , LOD-SF-RMK-CSB , Career Site Builder , How To

Product

SAP SuccessFactors Recruiting all versions