Enabling CSP headers and defining allowlists
Content Security Policy (CSP) is an HTTP response security header that developers and security architects can use to create lists of domains from which the site can load resources and executable scripts. In WorldServer, you can configure such lists of allowed domains in CSP headers in the general.properties file.
About this task
Usually, the allowed domains are those from which WorldServer consumes data or those it communicates with, such as JasperReports Server or Online Editor. For more information, see the Mozilla developer documentation.