https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3895260#M471216 <P>Hey folks,</P> <P>I have a customer who is looking to implement a search feature for a Self-Registered Portal, where the "Person being visited" field populates with some autocomplete-style results.</P> <P>Last I heard, this was scheduled to be implemented in ISE 2.7, but I figured it might be possible to do this today with a little code.&nbsp; I'm <EM><STRONG>this</STRONG></EM> close to getting it to work, but since the AJAX request for the LDAP data calls out to a different host, it violates the "script-src" Content Security Policy that ISE is pushing to the browser.</P> <P>Is there any way to modify the CSP header for the portals so that I can allow AJAX calls to a third-party site?</P> Tue, 23 Jul 2019 02:44:29 GMT alanix@cisco.com 2019-07-23T02:44:29Z https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3895260#M471216 <P>Hey folks,</P> <P>I have a customer who is looking to implement a search feature for a Self-Registered Portal, where the "Person being visited" field populates with some autocomplete-style results.</P> <P>Last I heard, this was scheduled to be implemented in ISE 2.7, but I figured it might be possible to do this today with a little code.&nbsp; I'm <EM><STRONG>this</STRONG></EM> close to getting it to work, but since the AJAX request for the LDAP data calls out to a different host, it violates the "script-src" Content Security Policy that ISE is pushing to the browser.</P> <P>Is there any way to modify the CSP header for the portals so that I can allow AJAX calls to a third-party site?</P> Tue, 23 Jul 2019 02:44:29 GMT https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3895260#M471216 alanix@cisco.com 2019-07-23T02:44:29Z https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3895287#M471228 <P>This is not configurable today.</P> Tue, 23 Jul 2019 04:02:34 GMT https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3895287#M471228 hslai 2019-07-23T04:02:34Z https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3895681#M471234 <P>Thank you for the quick response!</P> <P>Is there any thought to possibly providing a way to change the CSP in the future?&nbsp; It would be really beneficial for customers who want to extend the capabilities of their portals.</P> Tue, 23 Jul 2019 13:28:29 GMT https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3895681#M471234 alanix@cisco.com 2019-07-23T13:28:29Z https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3898623#M471313 <P>Please connect with our PM directly, if you would like that as a feature.</P> Sat, 27 Jul 2019 04:07:28 GMT https://community.cisco.com/t5/network-access-control/modifying-content-security-policy-csp-for-portals/m-p/3898623#M471313 hslai 2019-07-27T04:07:28Z