logo
Userlike Guide
/
Setup
/
Integration

Content Security Policy

Intro
Content Security Policy (CSP) is een beveiligingsconcept om cross-site scripting en andere aanvallen door het injecteren van gegevens in webpagina's te voorkomen.
Als u CSP op uw website gebruikt, moet u een van de volgende regels toevoegen om Userlike te kunnen gebruiken.
Regel met het laden van lettertypen
Gebruik deze CSP-regel als u van plan bent om aangepaste web-lettertypen te gebruiken in de Website Messenger.
javascript
child-src 'self' api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com userlike-cdn-widgets.userlike.com userlike-cdn-umm.b-cdn.net blob:;
connect-src wss://umd.userlike.com umd.userlike.com api.userlike.com userlike-cdn-web.b-cdn.net www.userlike.com blob:;
font-src data: userlike-cdn-umm.b-cdn.net fonts.gstatic.com;
frame-src 'self' api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com userlike-cdn-widgets.userlike.com userlike-cdn-umm.b-cdn.net www.youtube.com player.vimeo.com;
img-src data: userlike-cdn-operators.userlike.com userlike-cdn-operators.s3-eu-west-1.amazonaws.com userlike-cdn-operators.userlike.com userlike-cdn-web.b-cdn.net www.userlike.com userlike-store-media-files.s3.amazonaws.com i.ytimg.com;
media-src userlike-cdn-umm.b-cdn.net userlike-store-media-files.s3.amazonaws.com www.userlike.com blob:;
object-src 'none';
script-src 'self' 'unsafe-inline' api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com userlike-cdn-widgets.userlike.com userlike-cdn-umm.b-cdn.net
Regel zonder het laden van lettertypen
Gebruik deze CSP-regel als u van plan bent systeemlettertypen te gebruiken in de website-messenger.
javascript
child-src 'self' api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com userlike-cdn-widgets.userlike.com userlike-cdn-umm.b-cdn.net blob:;
connect-src wss://umd.userlike.com umd.userlike.com api.userlike.com userlike-cdn-web.b-cdn.net www.userlike.com blob:;
frame-src 'self' api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com userlike-cdn-widgets.userlike.com userlike-cdn-umm.b-cdn.net www.youtube.com player.vimeo.com;
img-src data: userlike-cdn-operators.userlike.com userlike-cdn-operators.s3-eu-west-1.amazonaws.com userlike-cdn-operators.userlike.com userlike-cdn-web.b-cdn.net www.userlike.com userlike-store-media-files.s3.amazonaws.com i.ytimg.com;
media-src userlike-cdn-umm.b-cdn.net userlike-store-media-files.s3.amazonaws.com www.userlike.com blob:;
object-src 'none';
script-src 'self' 'unsafe-inline' api.userlike.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com userlike-cdn-widgets.userlike.com userlike-cdn-umm.b-cdn.net
👉🏻
read this article in English: https://docs.userlike.com/setup/integration/content-security-policy
Google Tag Manager
WordPress
Powered by Notaku
Imprint/Impressum
Share