Why does this happen?
Your site is configured to restrict one or more security policies through a Content-Security-Policy header and doesn't explicitly permit access to CrazyEgg.
Solving the Error
Ask your developer to add policies allowing script, connect and image access to *.crazyegg.com in the Content-Security-Policy header.
More specifically:
- Add *.crazyegg.com to default-src.
- If you have specific directives for script-src, connect-src, style-src, iframe-src, and/or img-src, also add *.crazyegg.com to each of those that are present.
- Add the blob: directive depending on the following.
- If you have the worker-src or the child-src directive.
Otherwise, add it to the default-src directive. - If you use our Surveys & CTAs feature and have specific directives for *style-src*, add *unsafe-inline*.
- If you have the worker-src or the child-src directive.