Content Security Policy (CSP) for JavaScript Library

What is Content Security Policy (CSP)?

CSP is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. It is important to be protected against these threats, as they could compromise the integrity of your data or leave your customers exposed to the risk of fraud.

  For further information on CSP, you can refer to the Mozilla documentation:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

 

If CSP has been configured as part of your solution, your CSP definition should include the following URLs/wildcards:

  • https://*.cardinalcommerce.com
  • https://*.securetrading.net
  • https://www.google-analytics.com/
  • https://*.checkout.visa.com/
  • https://pay.google.com/

  There should not be any restrictions set on the iframe SRC, as it may cause errors when attempting to display a card issuer's Access Control Server.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request