Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Security:System requires content outside Pega (eg amazonaws.com)

SA-23666

Summary



On performing an analysis on content loaded on Pega 7.1.4 Customer Process Manager (CPM) user portal, user found out that it is requires few content from "https://firefly-071591.s3.amazonaws.com" like :
  • https://firefly-071591.s3.amazonaws.com/scripts/final/customer.js,
  • https://firefly-071591.s3.amazonaws.com/img/cross_icon.jpg,
  • https://firefly-071591.s3.amazonaws.com/settings/Enter%20PortalCobrowsingAPIToken%20Here/accountSettings.js?callback=jQuery1111011236455966718495_1454687066434&_=1454687066435, ...


User requires a way to remove all this content from the screens as there is no need for co-browsing functionality and references to code, that is hosted on external servers is not allowed in our system.


Error Messages



Error retrieving javascripts as access to the locations is not allowed from our environment.


Steps to Reproduce

  1. Install Pega 7.1.9 with CS (CPM) 7.1.4.
  2. Restrict access to https://firefly-071591.s3.amazonaws.com (block via firewall). Js Errors will occur on the default portal after login in as a standard CPM user.


Root Cause



The Interaction Portal always downloads the Co-Browsing scripts because of the inclusion of PortalCoBrowsing section in the Portal header. This should only be included if Co-Browsing is enabled.

Resolution



Apply HFix-26170.

This fix updates the InteractionPortalHeader section to add a Visible When around the co-browsing section include.
The Declare_CAApplicationSettings Data Page is used to control this setting.
Note: The licensed install of PegaCALL 7.1.3.3 is required by dependent HFix-24822.

 

Suggest Edit

Published June 30, 2016 - Updated December 2, 2021

Did you find this content helpful? Yes No

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us