Boost Security with CSP Reporting

To improve monitoring, we’re adding the capability to monitor JavaScript dependencies on ecommerce websites.

When: Rollout across the security grid begins March 1, 2022 and is expected to be completed March 14, 2022.

How: Monitoring uses Content Security Policy (CSP) reporting, which is native to browsers. Salesforce Commerce Cloud adds a Content-Security-Policy-Report-Only header to web pages as they pass through our edge. When JavaScript files attempt to execute on a webpage, browsers send a report to our reporting endpoint. The report doesn’t contain customer data. The report is sent to a non-customer domain and doesn’t impact customer traffic.

No customer action is required for the additional CSP report header.
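
What a CSP reporting endpoint receives, and how those reports become a per-site script inventory, as an added example that is not Salesforce code. The policy, endpoint URL, sample reports and function names are constructed assumptions; the report field names are those of the two CSP report formats browsers send.

```javascript
// Constructed policy (the page does not publish the real one or the endpoint):
//   Content-Security-Policy-Report-Only: script-src 'self'; report-uri https://csp-reports.example/r
// Report-only mode reports violations but blocks nothing.

// Constructed sample reports in the two wire formats browsers use.
const LEGACY = JSON.stringify({ "csp-report": {
  "document-uri": "https://shop.example/cart?id=123",
  "blocked-uri": "https://cdn.tags.example/t.js",
  "violated-directive": "script-src-elem", "disposition": "report" } });
const REPORTING_API = JSON.stringify([
  { type: "csp-violation", body: { documentURL: "https://shop.example/checkout",
      blockedURL: "inline", effectiveDirective: "script-src-elem", disposition: "report" } },
  { type: "deprecation", body: { id: "ignored" } } ]);

// Reduce a URL to its origin; keep keywords such as "inline" or "eval" as-is.
function originOf(value) {
  try { return new URL(value).origin; } catch { return value; }
}

// Normalize either format to { page, blocked, directive }.
function normalizeReports(contentType, bodyText) {
  const data = JSON.parse(bodyText);
  if (contentType.startsWith("application/csp-report")) {
    const r = data["csp-report"];
    return r ? [{ page: r["document-uri"], blocked: r["blocked-uri"],
                  directive: r["effective-directive"] || r["violated-directive"] }] : [];
  }
  if (contentType.startsWith("application/reports+json")) {
    return (Array.isArray(data) ? data : [data])
      .filter((r) => r.type === "csp-violation" && r.body)
      .map((r) => ({ page: r.body.documentURL, blocked: r.body.blockedURL,
                     directive: r.body.effectiveDirective }));
  }
  return []; // unknown content type: ignore
}

// Script-dependency inventory: page origin -> sorted list of script sources.
// Only origins are stored, so paths and query strings are discarded.
function scriptInventory(reports) {
  const inv = new Map();
  for (const r of reports) {
    if (!String(r.directive || "").startsWith("script-src")) continue;
    const page = originOf(r.page);
    if (!inv.has(page)) inv.set(page, new Set());
    inv.get(page).add(originOf(r.blocked));
  }
  return new Map([...inv].map(([p, s]) => [p, [...s].sort()]));
}

const all = [...normalizeReports("application/csp-report", LEGACY),
             ...normalizeReports("application/reports+json", REPORTING_API)];
console.log(Object.fromEntries(scriptInventory(all)));
```

Storing only origins keeps query strings such as `?id=123` out of the inventory, which matters when the reported page URL could carry session or order identifiers.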