Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Configuring the content security policy

Updated on March 25, 2020

A content security policy is a type of security provided through the HTTP response header. It specifies the uniform resource locators from where web page resources such as frames, images, and stylesheets are loaded. It helps to prevent common web vulnerabilities such as code injection and cross-site scripting. If you do not define this policy then the browser loads page resources that might have malicious content. For more information about content security policy, see Content security policies

Note: Complete this task only if you have hosted Chat on cloud. On-premises clients must take care of the security of their own installation.

If your Chat implementation uses the Pega cloud collaboration services, update your Pega application to use the AllowPegaCollaborationServices content security policy. For more information on Pega cloud collaboration services, see Pega Cloud Collaboration Services.

  1. Log in to Dev Studio by entering your administrator credentials.
  2. Click the Application menu > Definition.
  3. On the Integrity & security tab, in the Policy name list, select AllowPegaCollaborationServices.
  4. Click Save.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us