⚙️ Platform Configuration

Configure client branding, engagement details, active modules, and custom content. All settings save to localStorage and apply instantly across every page — no file editing required.

✅ Active config:

How this works: Fill in any fields below and click Save Config. Every page reads dsp_config from localStorage on load and injects your values — colors, logo, names, and module visibility — into the live DOM. Use Reset to Defaults to restore Centene starter values at any time.

Client Identity

Client Name Displayed in nav, headers, and footer

Platform Title Replaces "CNC Data Security Platform" in page titles and headers

Abbreviation / Prefix 2–4 letters — used in ZIP filename

Engagement Lead Shown in footer and workbook header

Engagement End Date Drives workday countdown in workbook

Footer Note Replaces "For Internal Use Only" — leave blank to keep default

Key Stakeholders Shown on deliverables and workbook — one per line

Primary Objective Replaces the hero sub-line on the home page

Logo

Paste any publicly accessible image URL (HTTPS). The image appears in the nav bar across all pages. If the URL is blank and a Client Name is set, a text badge is used instead. Leave both blank for no logo.

Logo Image URL Must be a direct image link (PNG, SVG, JPG) — no file uploads

Enter a URL above to preview

Branding Colors

Primary / Nav Color Nav bar, headers, table headers, buttons — default #512888 (Centene Purple)

Accent Color Nav underline, card borders, badges, section titles — default #00A3AD (Centene Teal)

Label Taxonomy Override

Default schema: Public, Internal, Confidential, Restricted. Enter one label per line to override what’s shown in the Labeling module — ordered from least to most sensitive.

Custom Label Names One per line — ordered from least to most sensitive

Active Modules

Unchecked modules are hidden from the home page card grid and nav links. The underlying pages still exist — they’re just not surfaced. Check all for the full platform experience.

Custom Content

Announcement Banner Appears as a highlighted bar immediately below the nav on every page. Leave blank to disable.

0 / 120

Home Page Content Block Appears at the top of the home page main area — use for engagement context, scope notes, or client-specific guidance. Plain text or simple HTML.

0 / 800

Access Gate

The access gate shows a passphrase prompt before any page loads. Disable it for open screen-sharing sessions and re-enable when done. Change Passphrase to set a client-specific password — all other devices will be prompted on next visit. Use Clear All Gate Data if you are locked out or need a full reset.

Gate: ✅ Enabled

Change Passphrase

Local Web Server — Deployment Options

Why run a local server? Opening HTML files directly via file:// blocks several features: the ZIP export cannot fetch sibling files, localStorage behaves inconsistently across some browsers, and a strict Content Security Policy cannot be tested. A local server fixes all three and makes the platform behave identically to production hosting.

✅ Advantages of local server vs file://
• ZIP export works — fetch() can load sibling HTML files
• Consistent localStorage origin across all pages
• CSP headers can be applied and tested
• Matches production behaviour exactly
• PDF/print layout renders correctly
• Easy to share on a local network (one command, all devices on same WiFi)

🐍 Python (built-in — no install needed)

Python 3.x ships on macOS, most Linux, and Windows 10+. No packages to install.

# 1. Open a terminal and navigate to the project folder
cd /path/to/CNC-DataSecurityPlatform

# 2. Start the server (port 8080)
python3 -m http.server 8080

# 3. Open in browser
# http://localhost:8080/index.html

# Windows (if python3 not found, try):
python -m http.server 8080

⚠️ Python's built-in server does not support custom HTTP headers — CSP must be tested via Node or Caddy.

⬡ Node.js / npx (recommended — supports CSP headers)

Requires Node.js (nodejs.org). No project setup needed — npx downloads temporarily.

# Navigate to project folder
cd /path/to/CNC-DataSecurityPlatform

# Start server with live-reload and CORS headers
npx serve . -p 8080

# Or with explicit CSP header testing (http-server):
npx http-server . -p 8080 --cors -c-1

For full CSP header enforcement, use a server.conf or Caddy — see below.

🔒 Caddy (full CSP header enforcement — production-equivalent)

Install Caddy from caddyserver.com. Create a Caddyfile in the project root:

localhost:8080 {
    root * .
    file_server
    header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' https: data:; connect-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests;"
    header X-Frame-Options "DENY"
    header X-Content-Type-Options "nosniff"
    header Referrer-Policy "strict-origin-when-cross-origin"
}

# Then run:
caddy run

🖥 VS Code — Live Server extension (easiest for local dev)

1. Install Live Server by Ritwick Dey (VS Code Extensions panel)
2. Open the project folder in VS Code
3. Right-click index.html → Open with Live Server
4. Browser opens at http://127.0.0.1:5500/index.html with auto-reload on save
⚠️ Live Server does not support custom HTTP headers. Use Caddy for CSP testing.

📡 Share on local network (same WiFi)

# Bind to all interfaces instead of localhost:
python3 -m http.server 8080 --bind 0.0.0.0

# Or with npx:
npx serve . -p 8080 -l 0.0.0.0

# Find your machine IP:
#   macOS/Linux: ifconfig | grep "inet "
#   Windows:     ipconfig

# Other devices on the same network open:
# http://YOUR-IP:8080/index.html

⚠️ Security: local-network sharing bypasses the gate for anyone on the same WiFi who knows the IP. Only use on trusted networks. Enable the access gate and use Caddy + basic auth for shared access.

Not saved