Optional: Customizing your Navigator firewall settings
You can add an XML file to your configuration overrides directory to customize the firewall settings for your Navigator environment.
About this task
The default value of the Content Security Policy (CSP) header used by the default web application firewall (WAF) policy in Navigator does not allow loading of external resources unless HTTPS is used. It also prevents Navigator from being embedded in external hosts even if HTTPS is used. If you want to remove these restrictions for external hosts that you trust, you can use a custom policy file and configure the value of the CSP header. For more information, see How to configure the Content Security Policy header in Navigator.
If you customize the default CSP, you need to add WalkMe domains to your allowed-list that are necessary to use WalkMe. For more information about Required Domains for Viewing and Playing WalkMe (End Users), see https://support.walkme.com/knowledge-base/access-requirements-for-walkme/.
Procedure
To customize your Navigator firewall settings:
- Make a copy of the ESAPIWafPolicy.xml file from the configDropins/overrides directory for your Navigator pod.
- Edit the parameters to match your environment requirements.
- Save your customized ESAPIWafPolicy.xml file to the
configDropins/overrides directory for your Navigator deployment. The file must be named ESAPIWafPolicy.xml.
- Scale your deployment down to 0, then back up to pick up the configuration change.