Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Skip to first unread message
Yozons eSignForms
Mar 8, 2024, 5:27:38 PM3/8/24
to Yozons eSignForms - Web-based e-contracting and document workflow
Version 24.3.9 - 9 March 2024
- Updated the standard HTTP headers to include Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; connect-src 'self'; font-src 'self' fonts.gstatic.com; img-src 'self' data:; frame-src 'self'; base-uri 'self';form-action 'self';To use, add the following to your web.xml setup:<filter>
<description>Sets security headers.</description>
<filter-name>AddSecurityHeaderFilter</filter-name>
<filter-class>com.esignforms.yozons.filter.AddSecurityHeaderFilter</filter-class>
<async-supported>true</async-supported>
<init-param>
<param-name>ContentSecurityPolicy</param-name>
<param-value>YOUR-CSP-OVERRIDE</param-value>
<!-- blank value: turns off; default value w/o init-param: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; connect-src 'self' *.ckeditor.com; font-src 'self' fonts.gstatic.com; img-src 'self' data:; frame-src 'self'; base-uri 'self'; form-action 'self'; --> </init-param>
</filter>
...
<filter-mapping>
<filter-name>AddSecurityHeaderFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping> - Created the SubstitutesDropDownViaCSVReport servlet for GoodbyeToPaper. It creates the Substitutes drop down using CSV data retrieved from the SubstituteRecord report.
- OPERATIONS VERSION UPGRADE NOTICE:
- Database updates required (pre.sql/update.sql/post.sql): NO
- rundbsetup/DbSetup DB conversion required: NO
- web.xml changes required: YES
Reply all
Reply to author
Forward
0 new messages