Skip to content
Item Detail
1H 2026 Edit
Content Security Policy Exception List Enhanced with Manageable Default URIs and CSP Check
General Availability Info Only Customer Configured Impact: Low AI Enriched
Description

Some page URIs are excluded from Content Security Policy (CSP) enforcement by default. Now, these default exclusions are visible in the CSP exception list, allowing you to review and manage them as needed. Additionally, you can use a new feature called CSP Check to test CSP enforcement and resolve issues before removing URIs from the exception list.See More

Detailed Description

Some page URIs are excluded from Content Security Policy (CSP) enforcement by default. Now, these default exclusions are visible in the CSP exception list, allowing you to review and manage them as needed. Additionally, you can use a new feature called CSP Check to test CSP enforcement and resolve issues before removing URIs from the exception list.

Impact Assessment

This change affects SAP SuccessFactors implementations by introducing updated behavior or new capabilities. Implementation teams should review the change and assess whether configuration adjustments, user training, or regression testing are required. The impact is expected to be minimal and may not require any action.

Test Recommendations
• Test the candidate application flow, career site navigation, and interview scheduling workflows. • Verify that job postings, candidate statuses, and notifications function correctly. • Test the updated UI across supported browsers and screen resolutions. • Verify navigation flows and ensure no broken links or missing UI elements. • Test position management, headcount reporting, and org chart display after the change.
Product: Platform
Modules: Security and Compliance
Feature: Not Applicable
Reference: SFASE-3069
Version: 1H 2026
Valid as Of: May 15, 2026
Latest Revision: Apr 03, 2026
Affected Areas:
Recruiting Org Management Administration Security & Permissions AI & Business AI