Skip to content

Instantly share code, notes, and snippets.

@matiu matiu/csp.md
Created Nov 29, 2018

Embed
What would you like to do?
Copay and Bitpay Wallet Network Restrictions

To prevent unautorized network access, Copay and Bitpay Wallet v5.3.0 and above use the following Content Security Policy (CSP)

  <meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-eval' https://bws.bitpay.com
  https://bitpay.com https://auth.shapeshift.io https://shapeshift.io https://api.coinbase.com https://coinbase.com; 
  img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:">

This restrict network connections to the listed hosts only. As a consecuence, accessing self-hosted Bitcore Wallet Service (BWS) hosts will not be allowed. If you are using a self-hosted BWS you need to build the app yourself from source and modify that above line (at app-template/index-template.html) to match your host.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.