Crownpeak (Retired)

Privacy Blocked by CSP (Content Security Policy) Error

Privacy Blocked by CSP (Content Security Policy) Error 

When a customer has issues with a Privacy notice functioning properly on their site, one important thing to check is that Evidon files are not getting blocked by the website's CSP or Content Security Policy. 

**Customers should make sure that their CSP includes `` and `` to their whitelist to prevent it from blocking our files.  These two terms should cover all Evidon files that need to load on a page.

To check this (see image below):
1.  Pull up the website with the notice in question
2.  Hit F12 or right click and "Inspect" in Chrome to open Dev Tools.  
3.  Click Network, and then refresh the page.  The Network tab in Dev Tools gives information on page loading, such as what files are being requested to pull onto the page, and how long it takes for the request to complete.
4.  Scroll to find any files that may have fired an error, or 400 or other status besides 200, to find anything that may not have loaded on the page correctly.  

This image shows a website, where the Network tab in devTools has been used to find any problem files that did not load properly.  In this example, tag.js happens to be an Evidon file that is essential to the privacy notice functioning properly.  The customer was able to see the AdChoices link they implemented using our tag, but once clicked, it did not open the opt-out tool.  We can see that tag.js has a status of (blocked:csp). 

The fix for this customer was to add `` and `` to their CSP's whitelist, and that would allow Evidon's files to load, and the notice to work as it should. 

Page showing CSP blocking an Evidon file from loading

Labels (1)

Can't find what you are looking for?

Find Answers

Search our DG Forum to find answers to questions asked by other DG users.

Ask a Question

No luck? Ask a question. Our Product and Support teams are monitoring the Forum and typically respond within 48 hours.

Ask a Question