Domain's Transfer Key is visible via browser dev tools in CCPv2

Modified on: Thu, 23 Jan, 2020 at 5:13 AM

Operations Automation Operations Automation:7.0 Operations Automation:7.x

Question

Provider noticed that domain's Transfer key could be retrieved from data exchange captured in browser dev tools during page load in CCPv2. Information comes from domain's zoneinfo APS resource.

Is that possible to hide this information from end-user completely?

Answer

By design, all APS requests made from applications integrated with CCP are visible via browser console. Feature request PFR-650 was submitted to R&D team to exclude sensitive information from data exchange visible in Dev tools.

Internal content

Did you find it helpful? Yes No