CSP list is subject to change depending on the SDK’s features.
Content Security Policy(CSP) is a web security standard to mitigate code injection attacks like Cross-Site-Scripting (XSS), Clickjacking, and Pixel-Perfect timing attacks.
This is ChannelTalk’s CSP list that you should append to your whitelist if you are supporting CSP.
default-src *.channel.io *.cdninstagram.com connect-src *.channel.io wss://*.channel.io *.sentry.io script-src 'unsafe-inline' *.channel.io *.sentry-cdn.com style-src 'unsafe-inline' img-src *.channel.io *.cdninstagram.com blob:
Updated 14 days ago