Splunk AppDynamics
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

EUM - Browser violation error

Khalid_Rehan2
Explorer
‎09-11-2024 04:09 AM

Dears,

I'm getting an error after loading the adrum.js:

Refused to frame https://cdn.appdynamics.com/ because it violates the following Content Security Policy directive: frame-src 'self' www.google.comwww.google.com 

The EUM is reachable.EUM-processor: version-'24.4.0.0', commit-cd:XXXXXXXXXXXXXXb, build-release/24.4.0.next #24.4.0-35342, timestamp=2024-05-02 01:18:33

The backend is Microsoft SharePoint. CSP has added both the CDN and EUM servers.

Regards,
Khalid

image.png

Labels (1)
Labels
0 Karma
Reply

iamryan
Community Manager
Community Manager
‎12-12-2024 08:35 AM

Hi @Khalid.Rehan,

Thank you for updating the thread and letting us know. 

0 Karma
Reply

Khalid_Rehan2
Explorer
‎12-12-2024 03:28 AM

Hello @Ryan.Paredez 

It seems that the solution I posted does not apply to most cases.

I faced the same issue twice and the solution was to allow some policies on F5 loadbalancer related to CORS error.

It worked on one case, but I now have about 3 cases one of them F5 could not resolve it until now 😄

I will update the post once I resolve it.

Regards,

Khalid

Reply

iamryan
Community Manager
Community Manager
‎11-19-2024 08:51 AM

Hi @Khalid.Rehan,

Thank you for sharing the solution! 

0 Karma
Reply

Khalid_Rehan2
Explorer
‎11-19-2024 02:27 AM

Hi @Ryan.Paredez ,

We were able to fix the problem by disabling the config.xd in the EUM snippet 😄

config.xd = {enable : false};

Example:

<script charset='UTF-8'>
window['adrum-start-time'] = new Date().getTime();
(function(config){
    config.appKey = 'EUM-XYZ-ABC';
    config.adrumExtUrlHttp = 'https://cdn.appdynamics.com';
    config.adrumExtUrlHttps = 'https://cdn.appdynamics.com';
    config.beaconUrlHttp = 'https://eum.myappd.com';
    config.beaconUrlHttps = 'https://eum.myappd.com';
    config.xd = {enable : false};
})(window['adrum-config'] || (window['adrum-config'] = {}));
</script>
<script src='https://cdn.appdynamics.com/adrum/adrum-latest.js'></script>

Regards,

Khalid

Reply

iamryan
Community Manager
Community Manager
‎10-22-2024 08:52 AM

Hi @Khalid.Rehan,

If I find any new info, I'll share it here. If you find any new information or a solution, please share it here.

0 Karma
Reply

iamryan
Community Manager
Community Manager
‎09-12-2024 01:40 PM

Hi @Khalid.Rehan,

I found this AppDynamics Docs page that I think would be helpful. Please have a read and let me know if it helped.

https://docs.appdynamics.com/appd/22.x/latest/en/end-user-monitoring/browser-monitoring/browser-real...

0 Karma
Reply

Khalid_Rehan2
Explorer
‎10-20-2024 04:17 AM

Hi Ryan,

unfortunately, it did not work applying what is recommended in the doc you shared:

C:\inetpub\wwwroot\wss\VirtualDirectories\{your-site}
Add the CSP Header to the <httpProtocol> section of the Web.config file.

<system.webServer>
   <httpProtocol>
      <customHeaders>
         <add name="Content-Security-Policy" value="script-src 'unsafe-inline' cdn.appdynamics.com; connect-src peum.kaska.com; img-src cdn.appdynamics.com; child-src cdn.appdynamics.com;" />
      </customHeaders>
   </httpProtocol>
</system.webServer>

The application crashed and we had to rollback. 

Notes: the agent is loaded successfully.

Any other suggestions? Where else to look?

0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

The Defining Technology Movement of Our Lifetime The advent of agentic AI is arguably the defining technology ...

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...