Securing your application with a content security policy

You can use content security policies to indicate from where your application can load resources, which makes your application more secure. To view or update the content security policies in your application, or to view the content security policies that are available in Pega Platform, do one of the following actions.

Procedure
  • To specify a content security policy for your application, complete the following steps.
    1. In the Dev Studio header, click Application name > Definition.
    2. On the Application form, click the Integration & security tab.
    3. In the Policy name field, press the Down Arrow key, and then select the name of a content security policy.
    4. Specify whether to enforce the policy, or to merely report usage of the policy, by clicking one of the following.
      • Reject and report – Enforce the policy
      • Report only – Report, but do not enforce the policy
    5. Click Save.
  • To view the content security policy for your application, in the Dev Studio header, click Application name > Definition, and then click the Integration & security tab.
  • To list all the content security policies that are available to you, in the navigation panel, click Records > Security > Content Security Policy.