You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The **Monitors** dashboard shows the list of active scripts, connections, and cookies. The **All Reported Scripts** and **All Reported Connections** dashboards show the full list of detected scripts and connections in your domain, respectively, including infrequent and inactive ones.
20
20
21
-
Page Shield adds a CSP report-only HTTP header used to monitor webpage resources to a sample of sent responses. This means that there may be a [small delay](/page-shield/troubleshooting/#why-do-i-not-see-scripts-after-i-activated-page-shield) between deploying a script or cookie and having its data displayed in Page Shield's dashboards.
21
+
Page Shield adds a CSP report-only HTTP header used to monitor webpage resources to a sample of sent responses. This means that there may be a [small delay](/page-shield/troubleshooting/#page-shield-does-not-show-any-resources-after-activating-it) between deploying a script or cookie and having its data displayed in Page Shield's dashboards.
22
22
23
23
Enterprise customers with a paid add-on have access to additional classification mechanisms based on threat feeds to determine if a script, or a connection made by a script, is malicious. For more information, refer to [Malicious script and connection detection](/page-shield/how-it-works/malicious-script-detection/).
Copy file name to clipboardExpand all lines: src/content/docs/page-shield/troubleshooting.mdx
+8-12Lines changed: 8 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,17 +8,21 @@ sidebar:
8
8
9
9
import { GlossaryTooltip } from"~/components";
10
10
11
-
## Why do I not see scripts after I activated Page Shield?
11
+
### How do I set up Page Shield?
12
+
13
+
For help setting up Page Shield, refer to our [get started guide](/page-shield/get-started/).
14
+
15
+
## Page Shield does not show any resources after activating it
12
16
13
17
Page Shield does not collect data on every single page view. Instead, it uses a sampling approach to gather information efficiently. This means that domains with lower traffic might take longer to generate initial reports, as these domains need more page views to accumulate enough samples. To speed up the reporting process, it is recommended that you actively generate traffic to your application after [activating Page Shield](/page-shield/get-started/). This will provide Page Shield with more data to work with, leading to faster report generation.
14
18
15
-
## Why do I see scripts that I do not recognize?
19
+
## Page Shield shows scripts and connections that I do not recognize
16
20
17
21
Scripts often reference other scripts outside your application.
18
22
19
23
But, if you see unexpected scripts on your Script Monitor dashboard, check them for signs of malicious activity.
20
24
21
-
## Why do I see warnings in my browser's developer tools related to Content Security Policy (CSP)?
25
+
## I get warnings in my browser's developer tools related to Content Security Policy (CSP)
22
26
23
27
Page Shield uses a <GlossaryTooltipterm="content security policy (CSP)">Content Security Policy (CSP)</GlossaryTooltip> report-only directive to gather a list of all scripts running on your application.
24
28
@@ -34,7 +38,7 @@ is required to enable inline execution.
34
38
35
39
You can safely ignore these warnings, since they are related to the reports that Page Shield requires to detect loaded scripts. For more information, refer to [How Page Shield works](/page-shield/how-it-works/).
36
40
37
-
## Why do I get policy violation reports for a domain I allowlisted?
41
+
## I get policy violation reports for a domain I allowlisted
38
42
39
43
Policy violations reported via CSP's [report-only directive](/page-shield/reference/csp-header/) do not take into consideration any redirects or redirect HTTP status codes. This is [by design](https://www.w3.org/TR/CSP3/#create-violation-for-request) for security reasons.
40
44
@@ -43,11 +47,3 @@ Some third-party services you may want to cover in your Page Shield allow polici
43
47
For example, if you add the `adservice.google.com` domain to an allow policy, you could get policy violation reports for this domain due to redirects to a different domain (not present in your allow policy). In this case, the violation report would still mention the original domain, and not the domain of the redirected destination, which can cause some confusion.
44
48
45
49
To try to solve this issue, add the domain of the redirected destination to your allow policy. You may need to add several domains to your policy due to redirects.
46
-
47
-
## Do I have access to Page Shield?
48
-
49
-
Yes, Page Shield is available on all plans. For details on the available features per plan, refer to [Availability](/page-shield/#availability).
50
-
51
-
### How do I set up Page Shield?
52
-
53
-
For help setting up Page Shield, refer to our [get started guide](/page-shield/get-started/).
0 commit comments