Content Security Policy

Using a website Content Security Policy (CSP) with LivePerson web chat/messaging
  • Web messaging

A website Content Security Policy (CSP) can be modified to be compatible with LivePerson web chat/messaging. Here are the requirements/recommendations.

If you have defined a Content Security Policy (CSP) for your website, and you’ve also integrated the Liveperson Web Messaging and/or Chat experience on your website via the Web Tag, the CSP may need to be modified to allow certain critical LivePerson resources to be loaded by consumer browsers.

What is a CSP?: an added layer of security to restrict/specify the sources and type of content (scripts/styles/iframes/etc.) that can be loaded on the web page. It helps to mitigate certain types of attacks, including Cross-Site Scripting (XSS).

Please see the developer documentation for more information, including details on how to implement the recommended CSP.

Missing Something?

Check out our Developer Center for more in-depth documentation. Please share your documentation feedback with us using the feedback button. We'd be happy to hear from you.