Location: LCMS Home Page (Admin Menu) > Application Preferences > Security Tab
Security Tab HomeBack Next
1. On the LCMS Home screen, click the Application Preferences link to open the Application Preferences screen.
2. On the Application Preferences screen, click the Security tab from the Components menu to open the Security pane.
3. On the Security pane, click the checkbox beside Cookies use SameSite=strict to enable greater security against potential click-jacking attempts. Note: Enabling this feature may cause issues if the LCMS is launched through a portal.

LCMS_U~1_Img1278g

4. Click the checkbox beside Strict HTML Validation to enable strict HTML validation using a modified version of OWASP AntiSamy. Note: Visit OWASP.org for more information.
5. When Strict HTML Validation is enabled, the user will receive warnings whenever unsafe HTML is entered in a text field. A warning window will open to display the current HTML causing the warning along with a clean version of the HTML. The user may click the Clean & Save button to have the LCMS clean the HTML automatically or click the Close button to clean the HTML themselves. Note: Users will not be able to save the HTML until it is deemed to be clean.

LCMS_U~1_Img1351a

6. Deselect the Allow 3rd Party Content checkbox to disable the import/upload of 3rd party content. Note: This option is enabled by default.
7. Deselect the checkbox for the roles who will not have access to 3rd party content. Note: All roles have access to 3rd party content by default.
8. Set the New Screen Security Defaults by selecting the Security Classification and Controlled Goods category from the corresponding drop-down menu. Note: This will set the security classification and controlled goods category defaults for new screens within a new project.
9. Set the New User Security Defaults by selecting the Security Classification and Controlled Goods category from the corresponding drop-down menu. Note: This will set the security defaults used when a new user is created.
10. Click the LCMS_Submit button to save the changes or click the LCMS_Cancel button to return to the previous screen without saving.