Widget not appearing on your website or missing images? Check your Content Security Policy
If your widget is loading incorrectly, missing images, or not showing up on your website, there are a number of possible causes. To narrow down your troubleshooting, here’s how to fix the problem when your Content Security Policy is the culprit.
If you see the widget briefly when the page loads and then it quickly disappears, your widget is likely being blocked due to your Content Security Policy. CSP is a form of cyber security created to help combat common attacks resulting in data theft, distribution of malware, unauthorized admin access, and many more unsavory online practices.
If your widget is missing graphic elements or loading incorrectly, you may need to update your website’s Content Security Policy (CSP).
Part of the way Content Security Policy protects your website from attacks is by allowing you to restrict permissions to load content on your website. This can sometimes interfere with external software in unwanted ways, such as blocking the chat widget.
Adding a Domain Whitelist for Content Security Policy
To allow another domain to load scripts on your site, add a Content-Security-Policy header to your server’s configuration file. To enable the tawk.to widget on your site, add the following CSP headers on your server configuration.
Content-Security-Policy: script-src *.tawk.to cdn.jsdelivr.net
Content-Security-Policy: frame-src *.tawk.to
Content-Security-Policy: font-src *.tawk.to fonts.gstatic.com
Content-Security-Policy: img-src *.tawk.to cdn.jsdelivr.net tawk.link
Content-Security-Policy: connect-src *.tawk.to wss://*.tawk.to
Content-Security-Policy: form-action *.tawk.to
If you need more information, this article shows how to add a header to commonly used web servers: How to Add a Header.
If you need more help, reach out to the chat agents on our website. They are available to assist you 24/7.
If you’d prefer to speak with someone over the phone, you can book a call with a member of our customer success team.