Setting Content-Security-Policy header for Cognos Analytics
You can apply a fix to set the Content-Security-Policy (CSP) header for Cognos Analytics on IBM® Software Hub.
Applying the fix
To apply the fix, do the following steps:
- Create the
cognos-custom-front door-cmconfiguration map in thezen control planenamespace. For example, the map might have the following content:kind: ConfigMap apiVersion: v1 metadata: name: cognos-custom-frontdoor-cm namespace: cpd-instance immutable: false data: headers: | proxy_hide_header "x-frame-options"; add_header "X-Frame-Options" "ALLOW-FROM https://www.ibm.com"; add_header Content-Security-Policy "object-src 'self'; frame-ancestors https://www.ibm.com/ 'self'; script-src 'self' 'unsafe-eval' https://www.ibm.com https://cdn.walkme.com 'unsafe-inline' data: blob:; default-src 'self' 'unsafe-inline' https://www.ibm.com https://cdn.walkme.com 'unsafe-eval' data: blob:; frame-src https://cdn.walkme.com $http_host data: blob:; frame-ancestors $http_host data: blob:;form-action $http_host data: blob:;"; - Ensure that the Cognos Analytics service instance CR is in the
Completedstatus. Run the following command to get the CR installation status.oc get CAService -o yaml - Run the following commands to shutdown and restart the Cognos Analytics
service.
cpd-cli manage shutdown --components=cognos_analytics \ --cpd_instance_ns=${PROJECT_CPD_INST_OPERANDS}cpd-cli manage restart --components=cognos_analytics \ --cpd_instance_ns=${PROJECT_CPD_INST_OPERANDS}