Live Assist for Microsoft Dynamics 365 (LAD365) has ways to keep you secure and safe while working as an agent. Let's consider some of these, as it relates to how messages are handled, and content is presented.
LAD365 sanitizes the messages sent by visitors before they are displayed to you. If the visitor includes any scripts or code in a message, you will not be able to execute it. If the visitor provides a URL, it will not be shown as a clickable link but rather as plain text. This protects you from malicious links or actions.
Important: Even though LAD365 has these feature, you are also responsible for good security practices. If you choose to copy a plain text URL and paste it in the web browser, be especially alert; it may be malicious.
When you send a message to a visitor, a similar protection is in place. The message is converted to plain text, and it is not possible to execute any script or code. However, in this case there are a few exceptions. You can use a limited number of html tags, such as to make text bold or italic. In addition, any link that you send to a visitor will be a clickable hyperlink.
Here is an example of how links and formatting appear to both agent and visitor.
Agent:
Visitor:
In addition to what we have already considered, LAD365 limits message length.
- Up to 1000 characters can be sent at a time by the agent.
- LAD365 will replace text formatting such as newlines, tabs, or multiple spaces with equivalent HTML tags. This increases the length of the message. Encoded messages over 1300 characters long are truncated. The last 3 characters will be replaced with an ellipsis (…) to indicate the truncation.
- Up to 2000 characters can be sent by the visitor.