You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a privacy oriented business owner, I would like my content to be protected from being visible to the public internet.
Criteria of acceptance
Requests to Helix Admin for protected previewing and publishing work as expected (passing IMS Auth Token).
Content that lives on content.da.live cannot be accessed without an appropriate header, cert, etc.
Live preview works with protected hlx.page content (via MS auth) or we use hlx.live pages as the preview shell.
Additional context
For live preview, I think we could probably pivot to requesting the hlx.live page since we clobber it with the editor contents anyway.
We need to see if helix admin provides any markers (headers, cert, etc.) when it requests content so we can lock down all requests to content.da.live that do not provide one of these auth pieces.
The text was updated successfully, but these errors were encountered:
As a privacy oriented business owner, I would like my content to be protected from being visible to the public internet.
Criteria of acceptance
Additional context
For live preview, I think we could probably pivot to requesting the hlx.live page since we clobber it with the editor contents anyway.
We need to see if helix admin provides any markers (headers, cert, etc.) when it requests content so we can lock down all requests to content.da.live that do not provide one of these auth pieces.
The text was updated successfully, but these errors were encountered: