If you have configured private departments for internal ticket management, you can choose to show or hide tickets from those departments to your end users on the help center. If you have more than one department, you can display your department catalog when users submit a ticket from the help center. Users can click on a department to create their ticket in it. When this option is disabled, users can select their preferred department from inside the ticket form.
To show tickets from private departments:
- Click the Setup icon ( ) in the top bar.
- Click Help Center under the Channels menu.
- Select the Help Center for which you want to set access permissions.
- Click Access Settings under the Help Center sub-menu.
- On the Access Settings page, enable Display tickets from private departments in the help center option under Permissions.
The changes will be saved instantly.
If you have more than one department, you can display your department catalog when users submit a ticket from the help center. Users can click on a department to create their ticket in it. When this option is disabled, users can select their preferred department from inside the ticket form.
To show departments:
- Click the Setup icon ( ) in the top bar.
- Click Help Center under the Channels menu.
- Select the Help Center for which you want to set access permissions.
- Click Access Settings under the Help Center sub-menu.
- On the Access Settings page, enable Show departments list page on choosing to submit a ticket option under Permissions.
The changes will be saved instantly.
Cross-site scripting Attacks
Cross-site scripting is a security exploit in which attackers trick your help center into storing malicious client-side code (generally in the form of a browser side script) and later insert them into web pages when other users request them. These attacks can happen through numerous injection points, such as search field, feedback form, and forum posts. And when they happen, it can cause a variety of problems for your end users, ranging in severity from an annoyance to complete account compromise.
Defending against Cross-Site Scripting
Zoho Desk enables you to defend your help center from cross-site scripting attacks by restricting user input to a specific whitelist. This is achieved by defining where resources can be loaded from and preventing browsers from loading data from other locations. It only takes turning on a toggle to provide this extra protection for your help center.
To defend your help center against cross-site scripting: