Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

We are in the process of implementing a strict Content Security Policy for Cross-site scripting

edited Dec 19, 2024 7:45AM in Eloqua 1 comment

We are in the process of implementing a strict Content Security Policy for our site to protect against potential security risks such as Cross-Site Scripting (XSS). The aim is to enforce a policy that only allows trusted resources (like external scripts, styles, images, etc.) to be loaded, while preventing any untrusted or unauthorized code execution. However, one key aspect is that our page relies on inline JavaScript for certain functionalities, such as defining client-side variables and interacting with external analytics services. We are seeking guidance on how to configure the CSP header in such a way that we can enforce

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!