[Archive] Content Security Policy settings to use web3auth

githubdiscussions · January 19, 2023, 6:20pm

Archived Content from Web3Auth Community

This topic was originally posted by githubdiscussions on 1/19/2023.
This content has been migrated from our previous community forum to preserve valuable discussions.

What permissions are required by web3auth to run if you are using CSP to secure your site?

Steps to reproduce the behavior:

Integrate web3auth
Enable CSP on your web server for example using helmet.contentSecurityPolicy
web3auth will fail to run

Would be great to have all CSP settings listed in a block so we can just copy paste:
{
scriptSrc: ["web3auth scripts"],
frameSrc: ["if script use frames"],
styleSrc:
imgSrc:
mediaSrc:
}

Originally posted by: lida-spaceport

Check the discussion at: https://github.com/orgs/Web3Auth/discussions/1227

Topic		Replies	Views
MoonPay checkout blocked in production — CSP frame-ancestors missing checkout.web3auth.io Embedded Wallets (Web3Auth) web3auth , embedded-wallets , embedded-wallet	6	56	February 28, 2026
[Archive] CSP Error: WebAssembly.instantiate blocked by unsafe-eval when using MPC-TSS signMessage in browser Embedded Wallets (Web3Auth)	2	7	August 27, 2025
[Archive] Unable to whitelist Chrome Extension in the dashboard to use Web3Auth from inside it Embedded Wallets (Web3Auth)	0	1	October 6, 2022
[Archive] Community Call #10 Embedded Wallets (Web3Auth)	0	6	April 19, 2024
[Archive] Community Call #9 Embedded Wallets (Web3Auth)	0	7	March 21, 2024

[Archive] Content Security Policy settings to use web3auth

Related topics