Oct 25, 2022
2422
Customers who install HappyFox Chat widget in pages which use Content Security Policy (CSP) should extend their CSP policy to include following domains in respective directives.
script-src 'self' 'unsafe-inline' 'unsafe-eval' happyfoxchat.com *.happyfoxchat.com;
connect-src 'self' happyfoxchat.com *.happyfoxchat.com;
media-src 'self' happyfoxchat.com *.happyfoxchat.com;
object-src 'self' happyfoxchat.com *.happyfoxchat.com;
child-src 'self' happyfoxchat.com *.happyfoxchat.com;
frame-src 'self' happyfoxchat.com *.happyfoxchat.com;
img-src 'self' happyfoxchat.com *.happyfoxchat.com;
style-src 'self' 'unsafe-inline' happyfoxchat.com *.happyfoxchat.com;
font-src 'self' happyfoxchat.com *.happyfoxchat.com;
Example CSP policy which whitelists HappyFox Chat widget,
default-src 'self';
script-src 'self' 'unsafe-inline' 'unsafe-eval' happyfoxchat.com *.happyfoxchat.com;
connect-src 'self' happyfoxchat.com *.happyfoxchat.com;
media-src 'self' happyfoxchat.com *.happyfoxchat.com;
object-src 'self' happyfoxchat.com *.happyfoxchat.com;
child-src 'self' happyfoxchat.com *.happyfoxchat.com;
frame-src 'self' happyfoxchat.com *.happyfoxchat.com;
img-src 'self' happyfoxchat.com *.happyfoxchat.com;
style-src 'self' 'unsafe-inline' happyfoxchat.com *.happyfoxchat.com;
font-src 'self' happyfoxchat.com *.happyfoxchat.com;