Configure Web Application Security

Content security policy (CSP) helps defend against cyber attacks such as data theft, site vandalism, malware distribution, and malicious scripts. Digital Chat in CXone allows you to enhance the security of your website by designating which domains are allowed. This is also available if you use CXone Guide to offer digital chat. Designating permitted domains is a cyber security strategy that protects your network by only allowing certain domains to function while using your site. You can also designate specific styles and scripts that are acceptable for your website. A default source (a script or style) is required to prevent unapproved styles or directives from being applied to your content.

Add Allowed URLs for Web Application

Fields and Save button for Web Application security. One field is for Style-src. The other is Script-src.

  1. Click the app selector and select ACD.

  2. Go to DFO > Points of Contact Digital.

  3. Under Your Channels, click Web application security.

    Web Application Security button outlined by a red rectangle.

  4. Under Style-src, enter the URLs you want to be accessible. Enter each new URL on a new line.

  5. Under Script-src, enter the URLs you want to be accessible. Enter each new URL on a new line.

  6. Click Save.

Click the link in CXone below Save to access additional information on CSP.

Test Web Application Security

After you configure the Web Application Security page, ensure that everything appears and behaves correctly for your site. The steps to enable and test chat function are different depending on whether you use CXone Guide to offer chat or standalone digital chat: