You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Many web applications employ a Content Security Policy to restrict which domains or resources can be loaded. It would be nice to document what domains need to be allow-listed in order to allow Authing to work.
For example, necessary CSP directives will need to include at least the following:
Description
Many web applications employ a Content Security Policy to restrict which domains or resources can be loaded. It would be nice to document what domains need to be allow-listed in order to allow Authing to work.
For example, necessary CSP directives will need to include at least the following:
connect-src: [youraccount].authing.cn core.authing.cn files.authing.co
img-src: authing-files.oss-cn-zhangjiakou.aliyuncs.com
font-src: at.alicdn.com
I'm not sure if the above list is complete.
Proposed solution
Documenting the full list of origins that need to be added to a web application's Content Security Policy to allow Authing to function.
The text was updated successfully, but these errors were encountered: