Customers who install HappyFox Chat widget in pages which use Content Security Policy (CSP) should extend their CSP policy to include following domains in respective directives.

script-src 'self' 'unsafe-inline' 'unsafe-eval' happyfoxchat.com *.happyfoxchat.com; 

connect-src 'self' happyfoxchat.com *.happyfoxchat.com; 

media-src 'self' happyfoxchat.com *.happyfoxchat.com; 

object-src 'self' happyfoxchat.com *.happyfoxchat.com; 

child-src 'self' happyfoxchat.com *.happyfoxchat.com; 

frame-src 'self' happyfoxchat.com *.happyfoxchat.com;

img-src 'self' happyfoxchat.com *.happyfoxchat.com; 

style-src 'self' 'unsafe-inline' happyfoxchat.com *.happyfoxchat.com; 

font-src 'self' happyfoxchat.com *.happyfoxchat.com;

Example CSP policy which whitelists HappyFox Chat widget,

default-src 'self'; 

script-src 'self' 'unsafe-inline' 'unsafe-eval' happyfoxchat.com *.happyfoxchat.com; 

connect-src 'self' happyfoxchat.com *.happyfoxchat.com; 

media-src 'self' happyfoxchat.com *.happyfoxchat.com; 

object-src 'self' happyfoxchat.com *.happyfoxchat.com; 

child-src 'self' happyfoxchat.com *.happyfoxchat.com; 

frame-src 'self' happyfoxchat.com *.happyfoxchat.com;

img-src 'self' happyfoxchat.com *.happyfoxchat.com; 

style-src 'self' 'unsafe-inline' happyfoxchat.com *.happyfoxchat.com; 

font-src 'self' happyfoxchat.com *.happyfoxchat.com;