Preventing Insecure Content

 In Security & Privacy

SecurityIt is no longer be possible to create or update records if they contain insecure links in their HTML, JavaScript or CSS fields.

Mixed content in 4me Self Service design

Any pre-existing insecure content will continue to work for now. To help customers prepare and migrate any insecure content, the account owners will receive an email with a list of records that are registered in their account and that include one or more links to insecure content.

Insecure content report email for account owner

This list is a JSON file attachment that should make it fairly easy to find the offending content.

JSON report listing insecure content

The insecure content can be migrated to a secured web server or 4me’s Media Library to ensure that it continues to work once the Content Security Policy (CSP) is enforced. Note that from now on, the CSP will already be enforced for every new 4me account.

UI ExtensionImage