CSP (Content Security Policy) allows the user to only allow specific domains to display content on the KACE SMA. This can help with mitigating attacks such as Cross-Site Scripting and data injection.
Warning: Misconfiguration of CSP can lead to certain appliance functionality not working correctly such as images and videos not being displayed. KACE Support should be contacted if misconfiguration leads to access issues.
For detailed information regarding CSP, please refer to Mozilla’s MDN Web Docs on Content Security Policy (CSP).
NOTE: Any domain/URL added to a directive that is not the default-src will block that specific content from any other domains that are also not added to that specific directive
Directive | KACE Trusted Domains |
---|---|
Default-src |
*.quest.com
127.0.0.1
*.brightcove.com
*.brightcove.net
*.boltdns.net
|
Style-src | *.googleapis.com |
Script-src |
*.zencdn.net
*.brightcove.com
*.brightcove.net
|
Img-src |
*.brightcove.com
*.brightcove.net
|
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center