Docs

Log in to read the version of docs relevant to your site, or use the dropdown versions

Content security policy for the Checkout page

Content Security Policy (CSP) is a protocol that acts as a security measure for cross-site scripting.

The following is the CSP policy that you would need to add in your headers or meta tag:


  style-src : https://<domain>.chargebee.com/assets/hp_v3/iframe_views/
    script-src : [https://js.chargebee.com/v2/chargebee.js](https://js.chargebee.com/v2/chargebee.js)
    frame-src : https://<domain>.chargebee.com/

Since we have enabled CSP in 'Report Only' mode, please report only the errors that are a part of our iframe.

Was this article helpful?