Insights not loading in XFLOW
search cancel

Insights not loading in XFLOW

book

Article ID: 266808

calendar_today

Updated On:

Products

CA Service Management - Service Desk Manager

Issue/Introduction

Unable to access insights within xFlow and in the browser console it says: "Content Security Policy: The page’s settings blocked the loading of a resource at https://hostname:port/jasperserver-pro/flow.html?_...("child.src").

 

Environment

Release : 17.3

Resolution

The issue is resolved by updating security headers in the application.conf as below:

# Security headers
play.filters.headers.allowActionSpecificHeaders = "true"
play.filters.headers.xssProtection =  "1; mode=block"
play.filters.headers.frameOptions = "SAMEORIGIN"
play.filters.headers.contentSecurityPolicy = "script-src 'self' 'unsafe-inline' 'unsafe-eval'"
play.filters.headers.permittedCrossDomainPolicies = null