Skip to content

Instantly share code, notes, and snippets.

@ryantology
Forked from benschwarz/README.md
Last active July 7, 2016 02:26
Show Gist options
  • Save ryantology/966a80aa752a163e77fe7807a860820b to your computer and use it in GitHub Desktop.
Save ryantology/966a80aa752a163e77fe7807a860820b to your computer and use it in GitHub Desktop.
Intercom CSP (Content security policy)

You'll need to add a whole slew of hosts for intercom if you've got CSP in place (which you should).

Heres what you'll need to add (updated from intercom support request):

connect-src:
    api.intercom.io
    api-iam.intercom.io
    api-ping.intercom.io
    nexus-websocket-a.intercom.io
    nexus-websocket-b.intercom.io
    nexus-long-poller-a.intercom.io
    nexus-long-poller-b.intercom.io
    wss://nexus-websocket-a.intercom.io
    wss://nexus-websocket-b.intercom.io
    uploads.intercomcdn.com

font-src:
    js.intercomcdn.com

frame-src:
    share.intercom.io
    www.youtube.com
    player.vimeo.com
    fast.wistia.net

img-src:
    js.intercomcdn.com
    static.intercomassets.com
    uploads.intercomcdn.com
    data:

script-src:
    app.intercom.io
    widget.intercom.io
    js.intercomcdn.com

style-src:
    'unsafe-inline'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment