Dynamic CSPs | Make Developer Hub

The Dynamic CSPs field of System settings lets you customize your instance's Content Security Policy (CSP). To permit resources and content from external URLs, use the following procedure:

Create a JSON array of the permitted sources. You can use CSP directives as the key and domains as the value according to the following format:
1. Omit the dash and any characters after the dash of a CSP directive. Examples: connect for connect-src or font for font-src
2. Omit https:// from URLs. You can use wildcards. Examples: drive.example.com or *.example.com
3. Example JSON array:
{ "connect": [".example.com", "wss://web.socket.com"], "font": [".example.com"] }

For WebSockets, you must include wss://

Insert your JSON object into the Dynamic CSPs field.
Click Save.

A message briefly appears confirming the changes are saved.

Last updated 24 days ago

The Dynamic CSPs field of System settings lets you customize your instance's Content Security Policy (CSP). To permit resources and content from external URLs, use the following procedure:

Create a JSON array of the permitted sources. You can use CSP directives as the key and domains as the value according to the following format:
1. Omit the dash and any characters after the dash of a CSP directive. Examples: connect for connect-src or font for font-src
2. Omit https:// from URLs. You can use wildcards. Examples: drive.example.com or *.example.com
3. Example JSON array:
{ "connect": [".example.com", "wss://web.socket.com"], "font": [".example.com"] }

For WebSockets, you must include wss://

Insert your JSON object into the Dynamic CSPs field.
Click Save.

A message briefly appears confirming the changes are saved.

Last updated 24 days ago