Released Enhancements
Protected Assets Functionality
Users can now mark assets as “Protected,” making them accessible only to authenticated HCMS users. This setting can be applied using the UI or API, offering flexibility while supporting secure internal storage without requiring encryption.
Updated Content Security Policy for HCMS
The HCMS now uses more restrictive Content Security Policy headers with default-src, script-src, style-src, form-action, and report-to directives. Deprecated headers have been removed to ensure up-to-date browser behavior and improved security posture.