Self-Hosting CSP Configuration

Avatar

Avatar

Alandy_Iceboats

Avatar

Alandy_Iceboats

Alandy_Iceboats

04-12-2020

When self-hosting via zip delivery, the Host is set to "Managed by Adobe", archive activated, and a self-hosted path is provided
The contained files are then placed on the server, preserving the directory structure

 

Regarding the CSP for this configuration. Why is it further required to add 'assets.adobedtm.com' as a trusted resource to allow inline scripts? Is the ZIP file not 100% self contained at this point?

csp security

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Alandy_Iceboats

Avatar

Alandy_Iceboats

Alandy_Iceboats

09-12-2020

Response from Client Care regarding the CSP documentation

 

"This is a typo in the document, we have raised a request to update it. That sentence is placed incorrectly in the self-hosting section. It belongs in the Adobe-managed hosting section. For self-hosting, you already have allowed scripts from your own domains. So, you do not have to do anything special to allow a Launch library from your own domain to execute."

Answers (0)