Guides
Start typing to search…

Content security policy (CSP)

If you use a Content Security Policy, you will need to update your config with the following, in addition to any other configured values you may already have:

script-src: https://thanks.is/ 'unsafe-inline';
style-src 'unsafe-inline';
frame-src https://thanks.is/;

A full example:

<meta
  http-equiv="Content-Security-Policy"
  content="
    default-src 'self';
    script-src 'self' https://thanks.is/ 'unsafe-inline';
    img-src 'self' data:;
    style-src 'self' data: 'unsafe-inline';
    font-src data:;
    frame-src https://thanks.is/;
    child-src 'none';
  "
/>

Updated about 1 month ago