1. Security Administration Guide
  2. Disabling Content Security Policy in JD Edwards Application

Disabling Content Security Policy in JD Edwards Application

To disable the CSP using the soft-coding record:

  1. Access the P954000 application.
  2. Click Add.
  3. In the User/Role field, enter the EnterpriseOne user, role, or *PUBLIC.
  4. In the Environment Name field, enter the EnterpriseOne environment for which you are creating a record for allowed domain and attributes.
  5. In the Template Name field, enter CSP_ALLOWED_DIRECTIVE_SCHEME.
    Note: You can use the Visual Assist (Search) icon to search for and select the CSP_ALLOWED_DIRECTIVE_SCHEME template.
  6. In the Soft Coding Key field, enter CSP_ALLOWED_DIRECTIVE_SCHEME.
  7. Click the Populate Soft Coding Value button to populate the Soft Coding Description and Soft Coding Value fields with the information from the CSP_ALLOWED_DIRECTIVE_SCHEME template.
    Note: The Record Type field is left blank by default.

  8. In the Soft Coding Value field, replace csp_directive and csp_directive_value with ENABLE_CSP and FALSE respectively as shown in the following example:

    <allow_content_security_policy>
    <properties>
        <property><name>ENABLE_CSP</name><value>FALSE</value></property>
    </properties>
</allow_content_security_policy>
  9. Click OK to save the record.
Note: You must log out and log back in to the JD Edwards EnterpriseOne application to apply CSP_ALLOWED_DIRECTIVE_SCHEME for the JD Edwards EnterpriseOne application.