Content Security Policy
Content Security Policy
If you are using Content Security Policy (CSP) on your site, you will need to add these entries to the policy to make widget work properly:
connect-src sentry-new.tidio.co socket.tidio.co wss://socket.tidio.co uploads.tidio.com;
img-src cdnjs.cloudflare.com unpkg.com data: code.tidio.co avatars.tidiochat.com tidio-images-messenger.s3.us-east-1.amazonaws.com;
media-src code.tidio.co;
script-src code.tidio.co;
style-src 'unsafe-inline';
font-src code.tidio.co data:;
InfoPlease keep in mind that if you need to add inline scripts (e.g. for visitor identification), consider using nonce or hash instead of
'unsafe-inline'.
Updated 3 days ago