Fibr Support
  • Fibr Docs
  • Get Started
    • Intro to Fibr
      • What is Fibr?
      • What products does Fibr offer?
    • Account Settings
      • Inviting Your Team
    • Fibr Script
      • What is Fibr Script?
      • Configuring the Fibr Script for your website
      • Impact of Fibr Script on Website Performance
    • FAQs
      • How to Whitelist Fibr in Your Website’s Content Security Policy (CSP)?
      • Can You Run Fibr on Your Local Machine?
  • Fibr Testing
    • Intro to A/B Testing
      • How to Create an A/B Test in Fibr?
      • How do you create a bulk AB campaign?
    • Audience Selection
      • Define your Audience Segment
      • Location-based Segmentation
    • FAQs
      • What are Traffic Allocation and Traffic Split?
      • Can I change an experiment's configuration when it is running?
      • Can I Run Fibr Tests on a Website That Has Cookies Disabled?
      • Can I Run Fibr Tests on Sub-domains?
      • Scheduling a Campaign in Fibr
  • Fibr Personalization
    • Ad Personalization
      • How to create an Ad Personalization campaign?
      • How to create a bulk Ad Personalization campaign?
    • Audience Personalization
      • How to create an Audience Personalization campaign?
      • Defining the audience for Audience Personalization
      • Location-based Segmentation
      • How to create a bulk Audience Personalization campaign?
  • Fibr Editor
    • Using Visual Editor to Create Variants
    • Using Visual Editor to track events
    • Using Fibr Editor for Bulk Variant Creation
  • Metrics
    • How can I define metrics on Fibr?
    • How do the GTM metrics work on Fibr?
    • What is a Primary Metric?
  • Integrations
    • Integrating Fibr with Google Analytics 4
    • Integrating Fibr with Google Tag Manager
    • Integrating Fibr with Google Ads
    • Integrating Fibr with Meta Ads
Powered by GitBook
On this page
  • What is CSP?
  • How to know if you're facing a CSP issue
  • Setting up your CSP for Fibr
  1. Get Started
  2. FAQs

How to Whitelist Fibr in Your Website’s Content Security Policy (CSP)?

Learn how to whitelist Fibr in your website’s Content Security Policy (CSP) to ensure smooth script execution, personalization, and tracking without security errors.

PreviousFAQsNextCan You Run Fibr on Your Local Machine?

Last updated 4 months ago

What is CSP?

A content security policy (CSP) is an additional security feature that some websites have implemented. It allows website developers to have more control over the types of content and resources that are allowed to load on their websites.

Sometimes, a website's content security policy settings can prevent Fibr from performing certain actions, such as loading the website in the editor.

How to know if you're facing a CSP issue

The fastest way to identify a content security policy (CSP) issue is to look for unexpected changes on your website. With Fibr, if the Fibr Studio Chrome extension keeps loading/crashing or the changes that you have published for a campaign don't get reflected on your website, it is then imperative that you check for CSP.

To confirm if CSP problems cause these issues, follow these steps:

  1. Right-click on the page.

  2. Select "Inspect" from the menu.

  3. Click on the "Console" tab at the top of the developer tools window.

If there are any CSP-related errors, you'll likely see something similar to the following displayed in the console:

Setting up your CSP for Fibr

Important Note: If an existing content security policy (CSP) is in place, you should only add the necessary Fibr domains to that existing CSP. Do not create a new CSP to add the Fibr domains. Modifying the existing CSP is the appropriate approach here.

To solve these errors, you'll need to allow-list the following domains on your content security policy:

default-src: self, https://*.fibr.shop
script-src: self, https://*.fibr.shop
img-src: self, https://*.fibr.shop
frame-src: self, https://*.fibr.shop
child-src: self, https://*.fibr.shop
style-src: self, https://*.fibr.shop