Hi @dorHerbesman - I would recommend opening a case with support, they’ll be able to help you troubleshoot what’s going on!

Hi,

Is there any way to disable it on splunkcloud?

In Splunk Cloud 9.0.2303, you'll be able to use the Dashboards Trusted Domains list to suppress the redirection warning for any trusted domains. You'll also have an option to completely disable the redirection warning for dashboards, although that's not recommended since links out of Splunk could contain sensitive information embedded in token values/URL params. 

You can check out the release notes here: https://docs.splunk.com/Documentation/SplunkCloud/9.0.2303/DashStudio/WhatNewSC

Hi, I see on Documentation that now we have 2 variables on web-features.conf to disable external content restriction.

Enable_dashboards_external_content_restriction and Enable_dashboards_redirection_restriction

but on this section or on web-features.conf specification page, this variables doesn't appear. We don't know which stanza use for that.

https://docs.splunk.com/Documentation/Splunk/9.0.5/Admin/Web-featuresconf#web-features.conf

I meet the same problem. We use many panel html with <style> balise to add dynamic interaction and custom layout with Dashboard XML.

Hey @romux72 - those flags are not yet available in 9.0.x web-features.conf. They will be available in 9.1.

Hi  Elizabeth,

We justed upgraded to v9.1 Splunk Enterprise. Can you tell me where I can disable this "feature"

AshleyP

Hi @apietersen You can disable this security feature by creating a local web-features.conf file and setting Enable_dashboards_redirection_restriction to false. Here's the documentation: https://docs.splunk.com/Documentation/Splunk/9.1.0/Admin/ConfigureDashboardsTrustedDomainsList

Added/tried: in web-feature.conf file:

Enable_dashboards_redirection_restriction=false ->  stil redirecting warnings
or
Enable_dashboards_redirection_restriction=0 ->  stil redirecting warnings
. 

. What do I miss here?. Document link was not conclusive to me, I want to be able to disable it completely

thanks

Also explicit naming of a domain(s) (even its own) doe not seem to work

[feature:dashboards_csp]
dashboards_trusted_domain.everything=*.<dom1>.nl
dashboards_trusted_domain.everything=*.<dom2>.eu
dashboards_trusted_domain.everything=*..<dom3>.storage

??

Labels should be unique

[feature:dashboards_csp]
dashboards_trusted_domain.everything=*.<dom1>.nl
dashboards_trusted_domain.everything2=*.<dom2>.eu
dashboards_trusted_domain.everything3=*..<dom3>.storage

Is that the issue?

Btw, using the curl command only sets it for the user (admin in the example) - I had to copy the file from admin to set it for all (in my environment).

Could you write parameters without Uppercase on stanza ?

[feature:dashboards_csp]

enable_dashboards_external_content_restriction=false

enable_dashboards_redirection_restriction=false

After that restart Splunk.

PS : you are on Splunk version 9.1+ ?

Hi Romux72

• yes we are on v9.1.0.1
• I will try:
  [feature:dashboards_csp]
  enable_dashboards_redirection_restriction=false
• result after restart :
  This seems to work. But will need to test it with different browsers. Sofar, Sogood 🙂 !
  
  Thanks Romux72

Hi,

I'm not tell you, I have the problem on Splunk Cloud 2303 since upgrade of my customer Splunk Cloud platform.

This maintenance have been passed last weekend. Since Monday, Dashboartd XML with external content have this problem.

We have this message on panel

"Awaiting User Confirmation"

To complete my problem,

My post on Slack Splunk-Usergroups canal (Splunk Cloud)

Hello, I have a problem with Splunk Cloud 2303 and Dashboard XML,
I use HTML panel with <style> balise to customize my dashboard style, layout and dynamic interaction.When I click on a table, with drilldown action I set token that take width panel value. On <style> balise I call #my_pan {width : $my_tok_width_pan$;}

Before Splunk Cloud 2303, It's work. Now It's KO.

I see on Documentation that Splunk add restriction on Dashboard XML for external content HTML <style> balise is on the list.we should disable this protection with 2 variables :

Enable_dashboards_external_content_restriction and Enable_dashboards_redirection_restriction
https://docs.splunk.com/Documentation/SplunkCloud/9.0.2303/Admin/ConfigureDashboardsTrustedDomains#E...

But on documentation, no example has described and variables and stanza doesn't appaer on web-features.conf specification page
https://docs.splunk.com/Documentation/Splunk/9.0.5/Admin/Web-featuresconf#web-features.conf

Hi @romux72 - yes there is a known issue on 9.0.2303 where we see "Awaiting user confirmation" on HTML panels using external images or tokens. The workaround for now would be to remove external images or tokens from the HTML panel. It should be fixed in an upcoming release, and I've just added it to our known issues list (it might take a few moments to show up on the list): SPL-240082. 

If you are on Splunk Cloud, then I believe you do not have access to modify .conf files yourself. In this case, you have two options to allow external content:

1. Under Settings > Server Settings there is a page where you can edit the Dashboards Trusted Domains list and add the domain/URL for your external image 
2. You can file a ticket with support to manually adjust your web-features.conf file

Ok, thank you for your answer.

I already make when I have been waiting a response 

* Make the workaround that you explain 🙂. I delete my token for the moment and use thé dépends feature to hide and display my panel.

* Open a case to the support for expose my problem.