Articles in this section
Category / Section

Do enable Content Security Policy will affect existing dashboards rendering?

Published:

Enabling Content Security Policy (CSP) will not affect dashboard rendering unless the resources loaded inside the dashboards are requested from unknown domains and URLs are not excluded from CSP settings. If you want to load resources for your dashboard from an external URL, then you need to add that URL in the respective sources section in the CSP settings.

Click on the Content Security Policy Settings to learn how to configure CSP in the Bold BI.

NOTE: Enabling Content Security Policy support is not available in On-Premises Deployment, but it is available in Syncfusion Managed Cloud Server.

How will the dashboards get affected while content security policy enabled?

The Content Security Policy uses the Content-Security-Policy response header to restrict resource loading from unknown domains and allow resources only from the configured list of domains for each source. Therefore, resources such as images and frames loaded inside the dashboard widget from external URLs other than your current domain will be restricted when the CSP is enabled. Let’s examine some scenarios in which the CSP will impact the widget and dashboard rendering.

Custom widgets

Custom widgets that allow frame source and image source from external URLs will be affected when CSP is enabled in Bold BI. To avoid this, you need to include the external URLs in the respective source sections in the CSP configuration.

Refer to this link to know how to include external URLs for the image source in CSP.

Refer to this link to know how to include external URLs for the frame source in CSP.

Text (Rich Text Editor) widget

The Rich Text Editor widget, which allows for frame and image sources from external URLs for frame and image embedding, will be affected when CSP is enabled in Bold BI. To prevent this, you must include the external URLs in the respective source section in the CSP configuration.

Refer to this link to know how to include external URLs for the image source in CSP.

Refer to this link to know how to include external URLs for the frame source in CSP.

Widget using image and link

A widget that allows for image or frame sources from an external URL for the background image, icon image, or linking external URL will be affected when the Content Security Policy (CSP) is enabled in Bold BI. For example, the image property for the card widget, which supports conditional formatting with custom image uploads, and the link when opened in a pop-up. Images and frame sources loading from external URLs will be restricted by the CSP. To avoid this issue, you need to include the external URLs in the respective source sections in the CSP configuration.

Refer to this link to know how to include external URLs for the image source in CSP.

Refer to this link to know how to include external URLs for the frame source in CSP.

Was this article useful?
Like
Dislike
Help us improve this page
Please provide feedback or comments
NG
Written by Nisanth Gunasekaran
Updated
Comments (0)
Please  to leave a comment
Access denied
Access denied