Why are images not showing up in the widget?

If your widget is missing graphic elements or loading incorrectly, you may need to update your website’s Content Security Policy (CSP).


Content Security Policy protects your website from attacks by allowing you to restrict permissions to load content on your website.

Adding a Domain Whitelist for Content Security Policy

To allow another domain to load scripts on your site, add a Content-Security-Policy header to your server’s configuration file. To enable the tawk.to widget on your site, add the following CSP headers on your server configuration.


style-src

Content-Security-Policy: style-src *.tawk.to fonts.googleapis.com cdn.jsdelivr.net


script-src

Content-Security-Policy: script-src *.tawk.to cdn.jsdelivr.net


frame-src

Content-Security-Policy: frame-src *.tawk.to


font-src

Content-Security-Policy: font-src *.tawk.to fonts.gstatic.com


img-src

Content-Security-Policy: img-src *.tawk.to cdn.jsdelivr.net tawk.link


connect-src

Content-Security-Policy: connect-src *.tawk.to wss://*.tawk.to


form-action

Content-Security-Policy: form-action *.tawk.to


This article shows how to add a header to commonly used web servers: How to Add a Header  

Was this article helpful?

7 out of 10 liked this article

Still need help? Message Us