How to do Content Security Domain update in Clarity database

book

Article ID: 189773

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

How to perform a Content Security Domain update in Clarity database, I would like to whitelist URLs for use with Clarity. How do I update CONTENT_SECURITY_DOMAINS? 

Environment

Release : All Supported Clarity releases

Component : CA PPM APPLICATION

Resolution

The allowed domains are stored in CMN_OPTIONS_VALUES table. They can be updated with commands run on the Clarity app server. 

Here is how to add and remove the values: 

Example 1: The following command adds a new ca.com option value for the CONTENT_SECURITY_DOMAINS setting in the cmn_option_values table:

admin system-options -add CONTENT_SECURITY_DOMAINS ca.com -multi
  
Example 2: The first command deletes all current domains and seed data, and then the remaining lines add all the given domains:

admin system-options -delete CONTENT_SECURITY_DOMAINS

admin system-options -add CONTENT_SECURITY_DOMAINS "'self'" -multi
admin system-options -add CONTENT_SECURITY_DOMAINS cppmxxxx.ca.com -multi
admin system-options -add CONTENT_SECURITY_DOMAINS ca.com -multi
admin system-options -add CONTENT_SECURITY_DOMAINS docops.ca.com -multi
admin system-options -add CONTENT_SECURITY_DOMAINS fonts.googleapis.com -multi

Example 3: The following command adds a new  ca.com  option value for the CONTENT_SECURITY_DOMAINS setting in the cmn_option_values table:

admin system-options -add CONTENT_SECURITY_DOMAINS ca.com -multi

Example 4: The following command lists option values for the CONTENT_SECURITY_DOMAINS setting in the cmn_option_values table:

admin system-options -list CONTENT_SECURITY_DOMAINS

After issuing the commands, flush all caches especially systemOptions and securityDomains.

In some instances a restart of the app server may be required for the change to function.

Additional Information

To check which options are selected in the database, run the query:

select * from cmn_option_values where option_id in
( select id from cmn_options where option_code ='CONTENT_SECURITY_DOMAINS')

Additional documentation here:

CSA: Service and Admin Command-Line Utilities (On-Premise Only)