Content Security Policy (CSP) with Kundo Chat
If you use Content Security Policy on your web page, you will need to configure your CSP rules in order for Kundo chat to work properly.
In order to get the chat working properly they will need to allow the following:
Allow "frame-src" from these domains:
https://org-[insert customer org-id here].chat.kundo.se/
https://chat.kundo.se/
https://sentry.kundo.se/api/
Allow "connect-src" from these domains:
https://org-[insert customer org-id here].chat.kundo.se/
https://chat.kundo.se/
https://sentry.kundo.se/api/
wss://ws-eu.pusher.com/app/
https://*.pusher.com/
https://kundo.se/attachment/upload/
https://static.kundo.se/static/
Allow "img-src" from these domains to display user avatars:
https://kundo.se
https://static.kundo.se
https://chat.kundo.se
Allow "style-src" from these domains to allow the chat to be properly styled:
https://chat.kundo.se
https://static-chat.kundo.se
Allow "script-src-elem" from these domains to allow the chat script to be loaded:
https://chat.kundo.se
https://static-chat.kundo.se
Allow "media-src" from this domain to allow the chat to play sound notifications:
https://static-chat.kundo.se