CSP Configuration
If your website uses a Content Security Policy (CSP), you must whitelist the following origins in at least the script-src and connect-src directives of your policy:
Whitelist these origins in your script-src policy:
https\://\*.digitalgenius.comhttps\://\*.dgdeepai.com<https://dg-flow-media-eu-central-1-prod.s3.eu-central-1.amazonaws.com>
Whitelist these origins in your connect-src policy:
https\://\*.digitalgenius.comhttps\://\*.dgdeepai.comhttps\://\*.pusher.comwss://\*.pusher.comwss://\*.pusherapp.com
However, depending on your CSP configuration you may need to add the origins to additional directives (for example script-elem-src). Please test a handover via the widget to Zendesk to ensure your CSP policy doesn't block any calls to smooch/zendesk.
If you are using Sunco (Zendesk) as your helpdesk you will also need to whitelist the following origins:
connect-src
wss://\*.smooch.iowss://\*.zendesk.comhttps\://\*.smooch.io
font-src
https\://\*.smooch.iohttps\://\*.zendesk.com
script-src
https\://\*.smooch.iohttps\://\*.zendesk.com
style-src
https\://\*.smooch.iohttps\://\*.zendesk.com
img-src
https\://.smooch.ioblob:https\://\*.zendesk.com
If your CSP configuration uses a nonce then Genius Chat will propagate the nonce on to any scripts that it injects as long as the nonce is present on the init script:
<script src="https://chat.digitalgenius.com/init.js" nonce="1234567890"></script>Updated 5 days ago