Content Security Policy (CSP) Configuration
14 min
overview when implementing momentscience products, including perkswall, moments, and other native offer experiences, you may need to define a strict content security policy (csp) to meet your security or compliance requirements this guide outlines the domains that should be explicitly allowed in your csp configuration to ensure all assets load correctly these domains support key features such as api communication, creative rendering, analytics tracking, embedded content, and styling if your site blocks external scripts, fonts, or other resources by default, be sure to add the domains listed below to the appropriate directives required domains by csp directive connect src used for backend api calls, event tracking, and offer delivery services connect src https //api adspostx com https //trk adspostx com https //trk pubtailer com https //trk e pubtailer com https //e pubtailer com https //api perskwallet com font src required for loading fonts used in momentscience user experiences font src https //cdn pubtailer com https //adpx b cdn net https //fonts gstatic com https //fonts googleapis com frame src used for embedding components such as perkswall and moments frame src https //cdn pubtailer com https //get perkswall com img src domains used to serve offer creatives, icons, and tracking pixels img src https //api adspostx com https //cdn pubtailer com https //trk pubtailer com https //trk e pubtailer com https //e pubtailer com https //adpx b cdn net script src elem sources for javascript libraries, sdks, and analytics scripts script src elem https //cdn pubtailer com https //naojs pubtailer com https //trk pubtailer com https //trk e pubtailer com https //e pubtailer com script src attr required if inline event handlers or dynamically generated scripts are restricted script src attr https //cdn pubtailer com https //naojs pubtailer com https //trk pubtailer com https //trk e pubtailer com https //e pubtailer com style src elem used for loading stylesheets required by moments and perkswall experiences style src elem https //cdn pubtailer com https //naojs pubtailer com https //trk pubtailer com https //trk e pubtailer com https //e pubtailer com https //api adspostx com style src attr include these sources if you restrict inline style attributes style src attr https //cdn pubtailer com https //naojs pubtailer com https //trk pubtailer com https //trk e pubtailer com https //e pubtailer com https //api adspostx com 📢 if you're running into any issues while going through the integration process, feel free to contact us at help\@m omentscience com