adminUI shows blank page after configure Content-Security-Policy header as "default-src 'self';"
search cancel

adminUI shows blank page after configure Content-Security-Policy header as "default-src 'self';"

book

Article ID: 404439

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder)

Issue/Introduction

Edit standalone-full.xml and set the header value of Content-Security-Policy header to "default-src 'self';".

The adminUI shows blank page after login, and the browser's developer console shows errors as below,

Environment

Siteminder 12.8.07

Resolution

The security policy "default-src 'self';" is too strong for adminUI.

Set Content-Security-Policy header to following value should work,

"default-src 'self' 'unsafe-inline' 'unsafe-eval';"

Powered by Wolken Software