CSP Configuration
If your website uses a Content Security Policy (CSP), you must whitelist the following origins in at least the script-src and connect-src directives of your policy:
Whitelist these origins in your script-src policy:
- https://*.digitalgenius.com
- https://*.dgdeepai.com
- https://dg-flow-media-eu-central-1-prod.s3.eu-central-1.amazonaws.com
Whitelist these origins in your connect-src policy:
- https://*.digitalgenius.com
- https://*.dgdeepai.com
- https://*.pusher.com
- wss://*.pusher.com
- wss://*.pusherapp.com
However, depending on your CSP configuration you may need to add the origins to additional directives (for example script-elem-src). Please test a handover via the widget to Zendesk to ensure your CSP policy doesn't block any calls to smooch/zendesk.
If you are using Sunco (Zendesk) as your helpdesk you will also need to follow this documentation to whitelist Sunco/Zendesk origins: https://github.com/zendesk/sunshine-conversations-web?tab=readme-ov-file#content-security-policy
If your CSP configuration uses a nonce then Genius Chat will propagate the nonce on to any scripts that it injects as long as the nonce is present on the init script:
<script src="https://chat.digitalgenius.com/init.js" nonce="1234567890"></script>
Updated about 2 hours ago