Why are images not showing up in the widget?

If your widget is missing graphic elements or loading incorrectly, you may need to update your website’s Content Security Policy (CSP).

Content Security Policy protects your website from attacks by allowing you to restrict permissions to load content on your website.

Adding a Domain Whitelist for Content Security Policy

To allow another domain to load scripts on your site, add a Content-Security-Policy header to your server’s configuration file. To enable the tawk.to widget on your site, add the following CSP headers on your server configuration.


Content-Security-Policy: style-src *.tawk.to fonts.googleapis.com cdn.jsdelivr.net


Content-Security-Policy: script-src *.tawk.to cdn.jsdelivr.net


Content-Security-Policy: frame-src *.tawk.to


Content-Security-Policy: font-src *.tawk.to fonts.gstatic.com


Content-Security-Policy: img-src *.tawk.to cdn.jsdelivr.net tawk.link


Content-Security-Policy: connect-src *.tawk.to wss://*.tawk.to


Content-Security-Policy: form-action *.tawk.to

This article shows how to add a header to commonly used web servers: How to Add a Header  

Was this article helpful?

7 out of 10 liked this article

Still need help? Message Us