Custom Plugin is not appearing when CSP is enabled from the Career Site Builder end.
SAP SuccessFactors Recruiting Marketing
Reproducing the Issue
1. Go to CSB > Settings
2. Data Privacy & Security Settings > Content Security Policy > Enable this feature
3. Go to respective career site > The custom plugin will not load
The following domains inside the custom plugin is not part of the allowed list in the Content Security Policy settings.
In order to verify the following domains in the custom plugin the user can do the following:
1. From the career site > Click on F12 or developer tools;
2. Check the console tab > Verify the URL being blocked by the Content Security Policy header (you will find a red message with the word Refused)
3044364 - Enabling Content Security Policy for RMK Site - Recruiting Marketing
3069320 - Removing of unsafe-* information in Content Security Policy (CSP) header - Recruiting Marketing
Recruiting Marketing, Content Security Policy, Custom Plugin, CSB, console , KBA , LOD-SF-RMK-CSB , Career Site Builder , LOD-SF-RMK-SEC , Security & Vulnerabilities , Problem