IBM BAW provides configuration settings at the deployment environment (DE) level that harden security and mitigate web application threats. Enable them by setting custom properties at the DE level in the configuration repository with the setBPMProperty command.
BPM/BAW skill needed
BPM standard, BPM UI, BAW
The wsadmin tool is used to configure and administer application servers, application deployment, and server runtime operations. Open a command prompt, navigate to the BPM/BAW <install root>/bin directory, and start wsadmin with the following command:
wsadmin.bat -lang jython
AdminTask.setBPMProperty(['-de', 'WorkflowCenter', '-name', 'Security.ContentSecurityPolicyHeaderValue', '-value', "default-src 'self' 'unsafe-inline' 'unsafe-eval' https://bpm1.ibm.com:8410; frame-ancestors 'self'; img-src 'self' data:"])
1) Replace 'WorkflowCenter' with the name of your deployment environment.
2) Replace https://bpm1.ibm.com:8410 with the URL and port number that you want to connect to securely.
By running this command, you are setting the ContentSecurityPolicyHeaderValue Security property. This property instructs the browser to load and run assets in the context of Business Automation Workflow user interfaces only from a set of whitelisted origins. The above command instructs the browser to retrieve data from the whitelisted URI.
This should reflect the updated value for the property.
Run AdminConfig.save() to save the changes.
Now you should be able to connect to the external domain from your BPM/BAW UI.
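The policy string can be checked offline before it is passed to setBPMProperty. The following is an added example in plain Python (not IBM's code and not part of the original page) that parses the header value used above and flags the source expressions that loosen the policy, along with the curly quotes and run-together keywords that appear when a command is copied from a web page. The function names and the checks are assumptions of this example.

```python
# Added example: lint a CSP value before handing it to setBPMProperty.
# The checks and names below are this example's own, not IBM's.
POLICY = ("default-src 'self' 'unsafe-inline' 'unsafe-eval' "
          "https://bpm1.ibm.com:8410; frame-ancestors 'self'; "
          "img-src 'self' data:")  # value from the command on this page

RISKY = {
    "'unsafe-inline'": "permits inline script and style, weakening XSS protection",
    "'unsafe-eval'": "permits eval()-style execution of strings",
    "*": "permits any origin",
}

def parse_csp(value):
    """Split a CSP header value into {directive: [source expressions]}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            # Browsers ignore a repeated directive, so keep the first one.
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def lint_csp(value):
    """Return (directive, source, reason) findings for a CSP value."""
    findings = []
    if u"\u2018" in value or u"\u2019" in value:
        findings.append(("*", "", "curly quotes: keywords need ASCII ' quotes"))
    policy = parse_csp(value)
    for name, sources in policy.items():
        for src in sources:
            low = src.lower()
            if low in RISKY:
                findings.append((name, src, RISKY[low]))
            elif low.startswith("http://"):
                findings.append((name, src, "cleartext origin"))
            elif src.count("'") not in (0, 2):
                findings.append((name, src, "malformed keyword, missing space?"))
    if "frame-ancestors" not in policy:
        findings.append(("frame-ancestors", "", "not set; default-src does not cover it"))
    return findings

if __name__ == "__main__":
    for directive, source, reason in lint_csp(POLICY):
        print("%s %s: %s" % (directive, source, reason))
```

For the policy on this page the linter reports the two `unsafe-` keywords in default-src; whether they can be removed depends on what the Business Automation Workflow user interfaces in your environment require.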