Security
Use Security to control the level of security in Transtream.
Content Security Policy
The Content Security table allows Admin users to add domains to the Content Security Policy Header of their apps. Note you are not able to view, edit or remove the default Content Security Policy entries.
Adding an Entry
An entry can be added by selecting New Entry. A form will appear under the table with a selection field and a text field for its Type and Value. Select Save to save the new entry.
Values must be either self, data:, a valid domain, a valid subdomain or any other valid DNS entry. Flags, such as *.google.com, are not allowed. Policy Types must be one of the following available types:
- default-src
- script-src
- style-src
- connect-src
- object-src
- img-src
- font-src
- media-src
- child-src
Duplicate entries (same value and type) are not allowed, although they may be equal to those defined in the default Content Security Policy Header, as they will be filtered out on runtime.
Edit Entries
Entries can be edited by clicking on the cog icon in their row, or by selecting the row itself. A form will be displayed under the table with its current values.
Delete Entries
Entries can be deleted by clicking on the bin icon in their row. A popup will be displayed to ask for confirmation regarding deletion.
Search Values
There is a search box for searching for specific values.
Filter Types
Entries may be filtered by expanding the Filter Types dropdown menu and clicking on the desired type. Rows will be filtered according to this type. Selecting another type or searching for values will undo the previous filter selection. Selecting the currently selected type will deselect it.
