The following information addresses technical situations that you might encounter after setting up the ID DataWeb Integration Kit.
Situation | Information |
---|---|
Using ID DataWeb with PingFederate 11.3 results in the following error: Refused to load the script 'https://content.maxconnector.com/fp/tags.js?org_id=716kkpe1&api_key=bvrbl1ev61nw7zq7&pageid=verify&session_id=577fa681-da3d-45e0-b982-6fa0841cc2bd' because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-sJyOa0AjeQgjsZDh'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. |
Update the HTML form template in $PF_HOME/server/default/conf/templates. HTML pages implementing ContentSecurityPolicy restrictions might
require updating the For example, PingFederate 11.3 has updated default templates with strict CSP settings. To use the id_dataweb_device_profiling JavaScript file with PingFederate 11.3 default templates, update the following line in the template's CSP settings:
Updated line:
|