earth_america
user_standard Log on
action_search_stroke
earth_america
Log on to rate and give feedback 1 2 3 4 5 Log on to rate
0
Concept

Concept


Products: AS-B, Edge Server, Enterprise Central, Enterprise Server, AS-P, Virtual Project Servers, WebStation
Functionalities: Security
Product version: 2023, 2024
9/30/2024

Security Configuration in WebStation

For security reasons, the default configuration for WebStation is, for example, not to allow external content to be embedded.

The default configuration can be changed in the Security Settings in WorkStation or in the System Security tab in the Options menu.

Enable external websites to be embedded into WebStation

You can enable external websites to be displayed in WebStation. By selecting this option any website can be embedded.

Enabling external websites to be embedded into WebStation lowers the security significantly. Do not enable external websites to be embedded into WebStation if you do not understand the security implications. For more information, see HTML Utilities .

Lists external websites that are allowed to be embedded into WebStation

You can create a list of websites that are allowed to be embedded into WebStation. The list is a whitelist of allowed external websites.

Enabling external websites to be embedded into WebStation lowers the security significantly. Do not enable external websites to be embedded into WebStation if you do not understand the security implications. For more information, see HTML Utilities .

Enable WebStation to be embedded in another website

You can enable WebStation to be embedded in other sites.

Website to allow access to WebStation when embedded

You can create a list of websites that are allowed to access WebStation when WebStation is embedded in the website.

Type a list of websites that are allowed to access WebStation when WebStation is embedded in the website.

Enable WebStation to use unsafe string evaluated JavaScript methods

Enable the graphic viewer in WebStation to use unsafe string evaluated JavaScript methods like ‘eval’.

Select if you have graphics written in older versions of EBO that cannot be displayed in 3.0 or later. For more information, see Cannot Open Graphics in WebStation .

Enable HSTS pre-load list

HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information.

HSTS pre-load list max-age

HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information.

Content Security Policy Report Uri

Content Security Policy is a security feature that allows you to take control of the resources your website is permitted to load and the actions it is allowed to take.

Type the name of the endpoint that the browser should use for reporting Content Security Policy violations.

See Also

  • Security Overview
  • HTML Utilities
  • Configuring Security in WebStation using WorkStation
  • Configuring Security in WebStation using WebStation