What is a content security policy?
Content Security Policy(CSP) is an additional security layer that helps an application mitigate client-side attacks, including Cross-Site Scripting (XSS) and data injection attacks. Only trusted website resources will load once the CSP is enabled.
What are we changing?
Going forward, all web responses will have the CSP header appended to them which will increase the header size. This also includes public API responses. These changes are applicable to our agent portal only.
What should you do?
If you have done any customization, please ensure that this additional header in the API response is accounted for.
This is effective from Jan 2023.
With CSP enabled, the header will be:
Without the feature response header will be:
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article