Troubleshooting: Content Security Policy (CSP)

Why does this happen?

Your site is configured to restrict one or more security policies through a Content-Security-Policy header and doesn't explicitly permit access to CrazyEgg.

Solving the Error

Ask your developer to add policies allowing script, connect and image access to *.crazyegg.com in the Content-Security-Policy header.

More specifically:

1. Add *.crazyegg.com to default-src.
   
   
2. If you have specific directives for script-src, connect-src, style-src, iframe-src, and/or img-src, also add *.crazyegg.com to each of those that are present.
   
   
3. Add blob: to the worker-src or the child-src directive if present.  
   1. Add it to the script-src directive is present.
   2. Otherwise, add it to the default-src directive.
   3. If you are using our Surveys feature and have specific directives for *style-src*, also add *unsafe-inline*.