Content Security Policy (CSP)

What Is Content Security Policy (CSP)?

Content Security Policy (CSP) is a powerful security layer designed to protect websites against common attacks such as Cross-Site Scripting (XSS), data injection, clickjacking, and malicious resource loading. By specifying which content sources are trusted, CSP ensures that only approved scripts, styles, images, and other resources are executed in the browser.

ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP

Content Security Policy (CSP)

What Is Content Security Policy (CSP)?

`sdk.poltio.com` loads 1 image for the trigger and 1 js file and `www.poltio.com` loads 1 iframe.

So you need to give access to script-src, frame-ancestors and img-src to **`*.poltio.com`**

Content Security Policy (CSP)

What Is Content Security Policy (CSP)?

sdk.poltio.com loads 1 image for the trigger and 1 js file and www.poltio.com loads 1 iframe.

So you need to give access to script-src, frame-ancestors and img-src to *.poltio.com

`sdk.poltio.com` loads 1 image for the trigger and 1 js file and `www.poltio.com` loads 1 iframe.

So you need to give access to script-src, frame-ancestors and img-src to **`*.poltio.com`**