A Content Security Policy (CSP) allows you to list trusted external and internal scripts, styles, images and other content sources.
These are implemented via a HTTP response header named “content-security-policy”. You can see an example of this below:
If your domain utilises policy directives such as default-src, script-src, connect-src and img-src you will need to authenticate several SessionCam environments to allow us to serve scripts which monitor and record user interaction.
You can find these listed below:
If you use any experimental CSP directives, the above domains may also need adding to these; accessing your the network events within your browser's developer tools will highlight these, if so.
You can see an example of a updated Content Security Policy below:
Content-Security-Policy: default-src 'self' https://*.sessioncam.com https://d2oh4tlt9mrke9.cloudfront.net ws://*.sessioncam.com wss://*.sessioncam.com;