Content security policy for the Checkout page

Modified on: Thu, 19 Sep, 2019 at 8:59 PM

Content Security Policy (CSP) is a protocol that acts as a security measure for cross-site scripting.

The following is the CSP policy that you would need to add in your headers or meta tag:

 

style-src : https://<domain>.chargebee.com/assets/hp_v3/iframe_views/
script-src : https://js.chargebee.com/v2/chargebee.js
frame-src : https://<domain>.chargebee.com/


 

Since we have enabled CSP in 'Report Only' mode, please report only the errors that are a part of our iframe.

A
Ajay is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.