How to implement CSP with Intercom?

  • 3 November 2023
  • 2 replies

We need to add a Content Security Policy to our application that adheres to the following requirements:

  1. include a 'default-src' directive to act as a fallback for other resource types when their policy definitions are absent
  2. set explicit CSP 'script-src' and 'style-src' directives, without the use of wildcard domains
  3. not utilize any 'unsafe'- prefixed directives.

Reading through this article in Intercom Help, i think point#2 above can be addressed (but please confirm), and also advise if points #1 and #3 can work with Intercom (e.g. can we avoid using the 'unsafe-inline'?)


Best answer by Shauna 14 November 2023, 13:41

View original

2 replies

Would love to have feedback on if there is a way to implement this CSP - anyone knows or has an idea?

Userlevel 3
Badge +4

Hey @Portal Support 👋🏼  Shauna here from Support! 

I’ve gone ahead and opened a conversation with one of our support engineers to help you with this 👍🏼

They’ll be in touch with you soon! 

Will update this thread with information as soon as this is resolved with support!