Content Security Policy (CSP) is a protocol that acts as a security measure for cross-site scripting.

The following is the CSP policy that you would need to add in your headers or meta tag:

 

style-src : https://<domain>.chargebee.com/assets/hp_v3/iframe_views/
script-src : https://js.chargebee.com/v2/chargebee.js
frame-src : https://<domain>.chargebee.com/


 

Since we have enabled CSP in 'Report Only' mode, please report only the errors that are a part of our iframe.