Content security policy for the Checkout page

Content Security Policy (CSP) is a protocol that acts as a security measure for cross-site scripting.

The following is the CSP policy that you would need to add in your headers or meta tag:


  style-src : https://<domain>.chargebee.com/assets/hp_v3/iframe_views/
    script-src : [https://js.chargebee.com/v2/chargebee.js](https://js.chargebee.com/v2/chargebee.js)
    frame-src : https://<domain>.chargebee.com/

Since we have enabled CSP in 'Report Only' mode, please report only the errors that are a part of our iframe.

“Subscription[Start_Date] should not be passed for cancelled subscription” error while importing subscriptions via Bulk operation.

How to customise the Consent management settings in Chargebee’s hosted page

Error: Session Expired

Chargebee's site name was renamed but why does this still show a different name?

Related Docs

Configuring fields and labels for Checkout—Chargebee Docs

Show Related Articles

Was this article helpful?

Product Updates

Getting Started

Implementing Chargebee

Developer Resources

Product Catalog

Subscriptions

Customers

Entitlements

Usage Based Billing

Chargebee CPQ

Invoices, Credit Notes, and Quotes

Taxes

Hosted Capabilities

Site Configuration

Multi Business Entity

Mobile Subscriptions

Reports and Analytics

Integrations

Data Privacy & Security

Data Operations

Content security policy for the Checkout page

Related Docs