Dear Team,
I am writing to request assistance with configuring Content Security Policy (CSP) in the httpd.conf file for our Appian application hosted on an Apache web server. We aim to enhance our application's security posture by implementing a robust CSP to mitigate risks associated with script-based attacks such as Cross-Site Scripting (XSS).
httpd.conf
Below is the CSP configuration which i get on the application
Content security policy : report-uri /suite/rest/a/logging/latest/csp/report; report-to report; is there any way to mitigate the issue
Discussion posts and replies are publicly visible
I suggest to discuss this with Appian in a support case.