Content Security Policy -- Blocking PRPushServlet
Application is updated with Content Security Policy Name as pxDefaultSecured. Since then we are seeing the below CORS log entries in browser network log related to PRPushServlet.
Access to XMLHttpRequest at 'https://www.myorg.se/' (redirected from 'https://appl.sit.myorgtest.se/prweb/PRPushServlet/app/myApp_/!@72e53abd75c91ff07c6cfbab325ae949!?PZSRVRPSH=true&portalName=Applicant&clientID=CXtwZH1BQUFBQnQyQXhrS2FjLytwdDNKWGNaRU41WmtOczk2VWxNRGpwVWNWM1d4Tkd6RTkrM2xWTlJ5V0xzdGo2YTNPNFFMUjN3PT0%3D&X-Atmosphere-tracking-id=0&X-Atmosphere-Framework=3.1.3-javascript&X-Atmosphere-Transport=long-polling&X-Atmosphere-TrackMessageSize=true&Content-Type=application%2Fjson&X-atmo-protocol=true&_=1696362649869') from origin 'https://appl.sit.myorgtest.se' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.