We would need to add Content Security Policy to our application. I saw this article on Intercom Help. There it is stated to use 'unsafe-inline' but I am wondering is there a way not to use it, since we would like avoid that in our policy?
Page 1 / 1
Hey again @stefan m . 👋
I replied to your other post with an answer here but just incase that didn't show I'll copy my message here.
"Currently 'unsafe-inline' is required for various aspects of Intercom to work properly. If you choose not to include one or some of the policies listed in that article you have looked at, then Intercom will potentially not function correctly.
You definitely aren't the first to reach out about our CSP so I will make sure to flag this with our Product team so they aware of it. I hope this clarifies."
Any progress on using Intercom with CSP?
Pascal
Hi 
We are constantly working to enhance the intercom.
You can find more about using CSP in Intercom in this article.
Please let me know if that was the answer you were looking for 
Hey Mat
Thanks for the update! There still seems to be a requirement to include
style-src:
'unsafe-inline’
Is there any way to avoid this, or any updates underway?
This is quite crucial for us & cybersecurity in general.
Hey there
That ‘unsafe-inline’ has been flagged with our team, but as of right now it is still a requirement.
Is there any progress on this? We will not be able to use Intercom in certain client environments due to strict CSP rules (as defined by Dutch Government). Hopefully this will be soon be compliant?
Content Security Policy (CSP), I think it's helpful for any website.
+1
Reply
Join the Intercom Community 🎉
Already have an account? Login
Login to the community
No account yet? Create an account
Intercom Customers and Employees
Log in with SSOor
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.