Wise-Sync Update: Enhanced Security for PCI Requirements (Error: Unable to load Wise-Sync within ConnectWise)
Created by: Paul MacNeill
Modified on: Mon, 26 Mar, 2018 at 3:48 AM
This is known as X-Frame adoption, which ensures that pages that contain login information cannot be embedded within iFrames or headless browsers such as the one provided by ConnectWise. If you enjoy a little security reading on the side, you might like to read more about the background of here: OWASP - XSS Site Vulnerabilities and Wikipedia: ClickJacking
As Wise-Sync allows for the entry of Credit Card information for both our application (Account Update > Payment / Card) and also through Wise-Pay, it was a requirement for this change to be made.
Who is affected: Only our public login pages are affected, as we have been able to update the implementation to allow the Q-Link functionality to work, while still remaining PCI compliant. You will however be required to log in to Wise-Sync outside of ConnectWise if you wish to update any of your account information.
If you have your ConnectWise Custom Menu Entry set to use https://secure2.wise-sync.com then you will need to update to use the new QLink entry point.
To create a Q-Link, refer to the following article Creating a Custom Menu Entry in ConnectWise
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.