Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.

CSP Violations from *.demdex.net & *.tt.omtrdc.net while these domains are in whitelist

Avatar

Level 1

I'm encountering a problem while having CSP header set on my page, and as per https://docs.adobe.com/content/help/en/id-service/using/reference/csp.html

I've added the relevant domains with wildcard but still seeing violation reports to my backend saying these domains report the policy. Is this something familiar?
Mostly on Windows machines from all browsers. any ideas on this?

2 Replies

Avatar

Level 1

Hello, I'm having the same problem, did you manage to solve it?

Avatar

Level 4

Follow below steps to block all the third party cookie(demdex, Fingerprinting, Authorization, General, Advertising) call when consent is not accepted to resolve CSP Violations.

1. Update Experience Cloud ID Service Enable Opt In? as YES

Amruthesh_AG_0-1704787503178.png

 

2.. Create a rule with event as window load.

2. In action select action type a custom code and place below custom code.

 

var visitor = Visitor.getInstance ("Organisation id@AdobeOrg",{
trackingServer: "INSERT-TRACKING-SERVER-HERE", // same as s.trackingServer

//For CNAME support only. Exclude these variables if you're not using CNAME
marketingCloudServer: "INSERT-TRACKING-SERVER-HERE",

//Function variable
disableThirdPartyCookies: true
});