Skip to main content
All CollectionsTroubleshooting
Content Security Policy directive: frame-src 'self' error
Content Security Policy directive: frame-src 'self' error

Troubleshooting: Content Security Policy directive: frame-src 'self' error

Updated over 2 months ago

If your UserWay widget is not loading on your website due to Content Security Policy (CSP) restrictions, follow these steps to fix the issue:

  1. Identify the Error:

    • Look for the error message indicating frame-src 'self' in your CSP directive.

  2. Update CSP Settings:

    • Modify your CSP policy to include *.userway.org in the frame-src directive.

      default-src 'self' *.userway.org;
    • Apply the updated CSP settings on your website to allow the widget scripts to load securely.

Note: If your system does not provide an option to add a wildcard domain, please ensure to add the following domains: cdn.userway.org, userway.org, and api.userway.org.

By adjusting your CSP to permit frames from UserWay's domains, you ensure that the widget functions correctly without compromising security measures. For further assistance, reach out to your web development team or UserWay support.

If you have any questions, you can reach our support team at desk@support.userway.org.

Did this answer your question?