Home Admin System Security settings
Instruction
Configuration mode - System - Security settings

How do I set up the Content Security Policy (CSP)?

In the i-Reserve environment, it is possible to configure a Content Security Policy (CSP). A CSP is an additional security layer that helps prevent malicious scripts and unwanted content from being executed in the i-Reserve environment. The CSP tells the browser which sources of content (such as scripts, stylesheets, images, and videos) may or may not be loaded and executed.

To configure these allowed sources, go to configuration mode in the i-Reserve environment. Then navigate to System > Security Settings. At the bottom of this page, you will find the settings related to the CSP.

The setting Content Security Policy (CSP) – Allowed Domains allows you to enter the sources from which all scripts and content may be executed and/or loaded in the environment. If there are sources that should only be allowed to execute and/or load specific scripts and content, these can be added to the option Content Security Policy (CSP) – Override.

The setting Content Security Policy (CSP) – Allowed Widget Domains is specifically for the i-Reserve widget. In this setting, you can specify the domains from which the widget may be loaded.

In environments with multiple licenses, the CSP settings are configured per license.

Users
Usergroups
User profiles
Security settings
Anonimise settings
Oauth providers
Import
E-mail setup
i-Reserve User

User

Are you a user of I-Reserve and are you dealing with everyday matters concerning reservations? Then you will probably find the answers to your questions here.
i-Reserve Admin

Admin

Are you responsible for the configuration and implementation of i-Reserve? Then you will find the answers for your tasks in this category.
i-Reserve Developer

Developer

Are you a designer or programmer and are you dealing with the styling and/or development of the frontend? Then take a look around in this category.