Configuring URLs for the Content Security Policy - Hyland Clinician Window - 23.1 - 23.1 - Other - external

Hyland Clinician Window

Platform
Other
Product
Hyland Clinician Window
Release
23.1
License

For additional security measures, it is recommended that all known URLs that will communicate with the Clinician Window UI be placed in the contentSecurityPolicy.json configuration file under the Frame and FrameAncestors elements.

To configure URLs in the contentSecurityPolicy.json configuration file:

  1. Open the contentSecurityPolicy.json configuration file in a plain-text editor. In a default installation, this file is located at C:\Program Files\Hyland\CW\config.
  2. Find the Policies attribute beneath the Frame element.
  3. Within the Policies attribute, enter all known URLs that will communicate with the Clinician Window UI. For example:

    "Frame": {

    "Policies": [

    "'self'",

    "https://my.domain-a.com/",

    "https://my.domain-b.com/"

    ]

    Note:

    When entering URLs, in the above example, you can use the term self to indicate the domain of Clinician Window UI you are currently configuring.

  4. Find the Policies attribute beneath the FrameAncestors element.
  5. Within the Policies attribute, enter the same URLs you entered within the Policies attribute of the Frame element from the previous steps in this procedure. For example:

    "FrameAncestors": {

    "Policies": [

    "'self'",

    "https://my.domain-a.com/",

    "https://my.domain-b.com/"

    ]

  6. Save and close the contentSecurityPolicy.json configuration file.