Thanks for confirming Jan. I agree, we'll find a way to make this more visible from the resource center, I appreciate the feedback.
Original Message:
Sent: 03-21-2024 09:33
From: Jan Heinonen
Subject: Cobrowse for non-internet facing web pages
Hi Chad,
You're right, I managed to find my old ticket and it was CSP that was the issue in that case.
Information regarding CSP would probably be good to have in the Deplay Messenger section in the documentation.
------------------------------
Jan Heinonen
Contact Center Specialist
GlobalConnect AB
Original Message:
Sent: 03-21-2024 08:30
From: Chad Hansen
Subject: Cobrowse for non-internet facing web pages
Hi Jan, I want to be sure that we're not confusing the details of CSP (Content Security Policy) and CORS. I'll ask that if you or Rizwan are running into CORS errors, if you could please open a Care ticket with the details. This will help us better understand the issue and determine if we could improve our documentation. Thank you.
------------------------------
Chad Hansen
Product Manager
Genesys - Employees
Original Message:
Sent: 03-20-2024 12:45
From: Jan Heinonen
Subject: Cobrowse for non-internet facing web pages
Hi Chad,
I can't find any information regarding CORS.
If the website has a CORS policy you'll need to add both the messenger widget domain (for messaging to work) and co-browse app domain (for co-browse to work). Otherwise co-browse will just get disconnected when the end user accepts the session.
I just had this issue with a customer where co-browse was blocked since the domain wasn't in their CORS policy.
------------------------------
Jan Heinonen
Contact Center Specialist
GlobalConnect AB
Original Message:
Sent: 03-20-2024 10:51
From: Chad Hansen
Subject: Cobrowse for non-internet facing web pages
Hi Rizwan,
- If your CSS is only accessible from whitelisted IPs then you must whitelist it for Co-browse to synchronize styling. Unfortunately, you can't just whitelist the current IPs of cobrowse-v2.mypurecloud.ie as these are dynamic and can change any time. This is indeed the right article on whitelisting any Genesys Cloud IPs: https://help.mypurecloud.com/articles/ip-addresses-for-the-firewall-allowlist/. Unfortunately there is no easier way around this.
- That said, Co-browse should still be able to synchronize your basic page structure, even without the CSS. Depending on how your page is implemented, agent can see the page without styling at all, or with some styling, but they should see something. If you're not seeing anything, I would recommend opening a case with Care so we can investigate more closely.
In general, we would recommend to put your CSS files somewhere public. Even if the page access is restricted, restricting CSS access doesn't typically add to security as CSS is just styling information. If the page is restricted but its CSS is public, then Co-browse should be able to synchronize it. This requirement is called out at the bottom of the following article though: Co-browse for Messenger requirements. There are no additional requirements for whitelisting in CORS.
Please let us know if you find any documentation that seems wrong or is missing information. At the bottom of our Resource Center articles you'll find a built-in "Was this article helpful?" function, this will allow for direct feedback to our documentation team.
I hope this helps.
------------------------------
Chad Hansen
Product Manager
Genesys - Employees
Original Message:
Sent: 03-19-2024 11:58
From: Rizwan Khan
Subject: Cobrowse for non-internet facing web pages
This is from network logs from client side when cobrowse is initiated. Here you can see the request is initiated from domain "cobrowse-v2.mypurecloud.ie", hence we have allowed CORS access to that domain. The response is showing as 404 not found, but I was able to access the same font file from that computer directly. Here it looks like we need to whitelist the IPs from Genesys side for co-browse, but it is not mentioned anywhere in their documentation not any mention of domain to be whitelisted for cobrowse.
------------------------------
Rizwan Khan
Tata Consultancy Services Ltd
Original Message:
Sent: 03-19-2024 08:01
From: Jan Heinonen
Subject: Cobrowse for non-internet facing web pages
Hello Rizwan,
I don't have any org in your region, in EUC1 I needed to add https://apps.mypurecloud.de to CORS or something similar for co-browse to work. (can't find the notes for it now)
If you look in console logs on the agents browser when they start a session it should show an error message for what it doesn't have access to.
------------------------------
Jan Heinonen
Contact Center Specialist
GlobalConnect AB
Original Message:
Sent: 03-18-2024 14:48
From: Rizwan Khan
Subject: Cobrowse for non-internet facing web pages
Are you saying the CIDR range of AWS IPs mentioned in their documentation or the ones we get when we do an nslookup of "cobrowse-v2.mypurecloud.ie"
Name: cobrowse-v2.mypurecloud.ie
Addresses: 18.165.160.53
18.165.160.12
18.165.160.35
18.165.160.16
Also we have allowed CORS access to only "cobrowse-v2.mypurecloud.ie". Do we need to allow any other domain than this?
Regards,
Rizwan
------------------------------
Rizwan Khan
Tata Consultancy Services Ltd
Original Message:
Sent: 03-18-2024 14:11
From: Breno Canyggia Ferreira Marreco
Subject: Cobrowse for non-internet facing web pages
Can you allow the range IP AWS used in this connection?
Att,
------------------------------
Breno Canyggia Ferreira Marreco
https://www.linkedin.com/in/brenocfm-40b62182/
Original Message:
Sent: 03-18-2024 14:08
From: Rizwan Khan
Subject: Cobrowse for non-internet facing web pages
We have some web pages which are not internet facing and can be accessed only from whitelisted IPs. We have messenger embedded in those pages. The problem is when we initiate cobrowse we are not getting the screen on the agent side. Apart from allowing CORS, do we need to do any more config changes on application side?
#DigitalChannels
------------------------------
Rizwan Khan
Tata Consultancy Services Ltd
------------------------------