Allowing FigPii through CSP

To enhance security, websites define Content Security Policy (CSP), which allows website owners to restrict the content (script/styles/images, etc.) loaded on the page to only trusted (whitelisted) sources. It ensures that no malicious external asset can risk your business or customers by acting as an agent for a trusted website. The browser will reject any content from non-whitelisted sources if the Content-Security-Policy header is defined.

Whitelist *.figpii.com (Recommended)

You can simply allow all subdomains of .figpii.com from which we serve different modules of FigPii. To do so add the following rule to your  Content-Security-Policy.

connect-src  *.figpii.com
style-src *.figpii.com
script-src *.figpii.com
img-src *.figpii.com

Whitelist individual FigPii Subdomains

You can allow specific subdomains of .figpii.com from which we serve different modules of FigPii. To do so add the following rule to your Content-Security-Policy.

connect-src tracking-settings.figpii.com rr.figpii.com analytics.figpii.com tdh.figpii.com tdw.figpii.com sessions.bugsnag.com wss://tdw.figpii.com
style-src variations-cdn.figpii.com
script-src tracking-cdn.figpii.com statics-cdn.figpii.com variations-cdn.figpii.com
img-src variations-cdn.figpii.com data:

Still need help? Contact Us Contact Us