Experience Builder Trusted Sites
The following are a list of URLs that need to be allowed within your CSP policy.
- Talkative Engage
- reason: loading js script for widget from main engage website
- url: https://us.engage.app or https://eu.engage.app
- Talkative CDN
- reason: loading additional script files from the Talkative CDN
- url: https://talkative-cdn.com
- Engage s3 bucket
- reason: handles file uploads / avatar
- URL, either:
- https://us-engage-app.s3.us-east-2.amazonaws.com/
- https://eu-engage-app.s3.eu-west-1.amazonaws.com/
- allow: img-src, media-src
- Engage main site:
- reason: js http communication with engage api
- URL, either:
- allow: connect-src
- sentry
- reason: error logging
- url: https://sentry.io
- allow: connect-src
- pusher sockjs
- reason: websockets realtime connection
- URL, either:
- allow: connect-src
- pusher websocket
- reason: websockets realtime connection
- URL, either:
- wss://ws-us2.pusher.com
- wss://ws-eu.pusher.com
- allow: connect-src
- Cobrowse
- reason: connection for video chat feature
- CSP:
- connect-src https://*.daily.co/
- script-src https://*.daily.co
- connect-src wss://*.wss.daily.co
- Cobrowse
- reason: websocket connection for cobrowse connection
- URL, either:
- wss://eu.talkative-ws.com/
- wss://us.talkative-ws.com/
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article