Smartstaff
2,271
edits
Changes
m
→Stronger Security Configuration of Web Servers
<!-- 162685 - increase the strength of web server CSP -->
Updated the Content Security Policy of web servers with a stronger configuration for improved security. One change included in this is that the platform will now begin blocking attempts to include executables such as script libraries sourced directly from external systems. The perceived behavior of this may be an inability of a user's web browser to load or run script content that is being imported directly from an external source. An example error message thrown by a web browser may make reference to the server's Content-Security-Policy which has blocked the loading of a resource. If you encounter any issues due to this change, SmartSimple may be able to make custom but temporary adjustments to your local SmartSimple environment to again allow the inclusion of the affected external resources. A permanent solution to this issue would be to avoid the inclusion of external resources into your SmartSimple system, but instead to store a copy locally within your system and reference the local copy of the resource.
[[File:refused-to-load-script.png|thumb|none|800px|Example An example of a blocked script displayed in Google Chrome's Developer Tools, (accessible via the F12key).]]
===Minor Updates===
