Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit caa1d64

Browse filesBrowse files
untitakerkamilogorek
untitaker
authored and
kamilogorek
committed
Add information about the CSP to the docs
1 parent e0c898f commit caa1d64
Copy full SHA for caa1d64

File tree

Expand file treeCollapse file tree

1 file changed

+8
-0
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

1 file changed

+8
-0
lines changed
Open diff view settings
Collapse file

‎docs/install.rst‎

Copy file name to clipboardExpand all lines: docs/install.rst
+8Lines changed: 8 additions & 0 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -127,6 +127,14 @@ The same thing can happen for any cross-origin scripts as well. To read more abo
127127

128128
To read un-minified source code for this loader, see `loader.js <https://github.com/getsentry/raven-js/blob/master/packages/raven-js/src/loader.js>`_
129129

130+
Content-Security Policy
131+
~~~~~~~~~~~~~~~~~~~~~~~
132+
133+
If you have CSP set up on your site, you will need to add the `script-src` of wherever you're loading the SDK from, and the origin of your DSN. For example:
134+
135+
* `script-src: https://cdn.ravenjs.com`
136+
* `connect-src: https://sentry.io`
137+
130138
Requirements
131139
~~~~~~~~~~~~
132140

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.