Security Enhancements Rolling Out April 28
We are continuously working to enhance the security of the Rossum application. As part of this effort, we have implemented Content Security Policy headers support, and we will begin enforcing them on April 28th, 2025. This change aims to provide stronger protection against security threats such as cross-site scripting (XSS) and data injection attacks in web browsers.
For most users, this update will be seamless, requiring no action.
The change may affect you if your users are accessing the Rossum web application through:
A web browser with an extension that injects custom code, fonts, or other content into the Rossum web page.
A transparent proxy, such as Zscaler, that automatically injects custom code into web pages.
In such cases, we recommend reviewing your setup and checking the web browser console for Content Security Policy violation messages.
If you anticipate any issues or need guidance, contact our support team—we’re happy to help you find a suitable solution.
Thank you for your cooperation in making the Rossum platform more secure.
