These are the options you will find in the Thinfinity® Configuration Manager's Profile Editor on the 'General' tab:



Main Entry Point

Add the URL you wish to access via Web VPN from outside your network.

Optimize for SPA

Optimizes the connection to better work with Single Page Application, masking the Virtual Path to avoid routing incompatibilities on heavy dependent JavaScript web applications. E.g.: Web Applications made with Angular, React and Vue which use routing plugins.

Sanitize Input (Prevent XSS)

Applies cross site scripting (XSS) sanitization to every request made to the server to avoid possible XSS issues or attacks. E.g.: This setting will help prevent malicious JavaScript injection in your web application.

Valid Domains

Additional list of domains (Comma separated) that will go through the WebVPN if requested or utilized by the main entry point. By default, every subdomain of the main entry point is also a valid domain. These domains can also be specified as masks, E.g.:

1) *

2) *


4) mydomain-*.com 1) Allow all domains 2) Allow every subdomain included under 3) Allow specifically 4) Allow every domain which starts with mydomain-

Custom Headers

Configure a json file that specifies how CSP (Content Security Policy) headers will be overridden for every request that goes through the WebVPN.

You can use this configuration to prevent unexpected CSP problems when using the WebVPN.

  • Hit the Custom Headers button available on the General Tab.

  • A pop-up window will be displayed with the default .json file. Assign the value or file you wish to use instead.

    "templates": {
        "nocsp": {
            "default": true,
            "headers": {
                "Content-Security-Policy": "",
                "cross-origin-opener-policy-report-only": "",
                "cross-origin-embedder-policy": "",
                "cross-origin-resource-policy": ""

Last updated