What is a Content Security Policy (CSP)?
A Content Security Policy (CSP) is a security policy that provides instructions to a web browser on how to handle content on a website.
CSPs are also used to ensure that only trusted and authorized code is executed on a website. CSPs can be used to restrict the use of JavaScript, plugins, stylesheets, images, fonts, and other types of content.
Adding Silktide Analytics to your CSP
There are two resources that Silktide Analytics uses, which you may need to grant access to:
JavaScript
The JavaScript for Silktide Analytics is hosted inside analytics.silktide.com.
In a CSP, this could be permitted with a directive such as:
script-src analytics.silktide.com
Endpoint
Silktide uses an endpoint to receive and record data, inside a hostname that varies depending on your region:
EU customers:
a.eu.silktide.comUS customers:
a.us.silktide.com
If you’re not sure which of these you use, open a page that uses the JavaScript for your Silktide Analytics script, and in Developer Tools > Console, enter the line: window.stConfig.endpointUrl and press Enter.
In a CSP, this could be permitted with a directive such as:
connect-src a.eu.silktide.com