Article Details
| Id: | 18384 |
| Product: | finPOWER Connect |
| Type: | FIX |
| Version: | 3.04.01 |
| Opened: | 18/06/2021 |
| Closed: | 21/07/2021 |
| Released: | 31/08/2021 |
| Job: | J026804 |
 High Importance |
|
finPOWER Connect Cloud Configuration; Content Security Policy; Defaults no longer contain wildcards
The Security page of the finPOWER Connect Cloud Configuration form allows Content Security Policy to be enabled.
The blank tips on the various fields show the defaults used. Previously, many of these contained wildcards (an asterisk) which was flagged as not being ideal by various security applications such as OWASP ZAP.