We would need to add Content Security Policy to our application. I saw this article on Intercom Help. There it is stated to use 'unsafe-inline' but I am wondering is there a way not to use it, since we would like avoid that in our policy?
Best answer by Evan P
View originalHey again @stefan m . 👋
I replied to your other post with an answer here but just incase that didn't show I'll copy my message here.
"Currently 'unsafe-inline' is required for various aspects of Intercom to work properly. If you choose not to include one or some of the policies listed in that article you have looked at, then Intercom will potentially not function correctly.
You definitely aren't the first to reach out about our CSP so I will make sure to flag this with our Product team so they aware of it. I hope this clarifies."
Any progress on using Intercom with CSP?
Pascal
+3
Hi
We are constantly working to enhance the intercom.
You can find more about using CSP in Intercom in this article.
Please let me know if that was the answer you were looking for 😎
Hey Mat
Thanks for the update! There still seems to be a requirement to include
style-src:
'unsafe-inline’
Is there any way to avoid this, or any updates underway?
This is quite crucial for us & cybersecurity in general.
+5
Hey there
That ‘unsafe-inline’ has been flagged with our team, but as of right now it is still a requirement.
Already have an account? Login
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
