CSP & Domains
Websites that use Content Security Policy (CSP) might not allow default access to domains managed by Fanplayr which are required for its various services and features to function correctly.
Use the details in this section if your website uses a simple configuration that only makes use of the
default-src
CSP directive.If your website allows wildcard domain values:
The following values for the
default-src
directive will be enough to enable all Fanplayr services:'unsafe-inline'
*.fanplayr.com
d38nbbai6u794i.cloudfront.net
Note, the
unsafe-inline
keyword value is required for Fanplayr widgets.If your website does NOT allow wildcard domain values:
You will need to list each domain used by Fanplayr individual in the
default-src
directive to enable all services:'unsafe-inline'
cdn.fanplayr.com
static.fanplayr.com
d38nbbai6u794i.cloudfront.net
my.fanplayr.com
e1.fanplayr.com
w1.fanplayr.com
collect.fanplayr.com
recommendations.fanplayr.com
site-speed.fanplayr.com
fonts.fanplayr.com
Note, the
unsafe-inline
keyword value is required for Fanplayr widgets.Use this guide if your website uses more than just the
default-src
CSP directive. As your website uses other more specific directives, you will need to allow access to Fanplayr's domains for multiple directives to enable all services.Each of the sections below describe a CSP directive and the most specific values needed for Fanplayr to operate correct. If your website allows wildcard domains, many of the values can be shortened to
*.fanplayr.com
.'unsafe-inline'
cdn.fanplayr.com
static.fanplayr.com
d38nbbai6u794i.cloudfront.net
my.fanplayr.com
e1.fanplayr.com
w1.fanplayr.com
ajax.googleapis.com
Note, the
unsafe-inline
keyword value is required for Fanplayr widgets.'unsafe-inline'
fonts.fanplayr.com
Note, the
unsafe-inline
keyword value is required for Fanplayr widgets.cdn.fanplayr.com
collect.fanplayr.com
d38nbbai6u794i.cloudfront.net
d38nbbai6u794i.cloudfront.net
recommendations.fanplayr.com
site-speed.fanplayr.com
cdn.fanplayr.com
The following briefly outlines the primary purpose of each Fanplayr-managed domain:
Domain | Description |
---|---|
cdn.fanplayr.com | Content delivery network. |
static.fanplayr.com | Content delivery network. |
d38nbbai6u794i.cloudfront.net | Content delivery network. |
fonts.fanplayr.com | Content delivery network. |
my.fanplayr.com | Page tracking and segmentation evaluation. |
e1.fanplayr.com | Page tracking and segmentation evaluation. |
w1.fanplayr.com | Page tracking and segmentation evaluation. |
collect.fanplayr.com | Analytics tracking. |
site-speed.fanplayr.com | Analytics tracking. |
recommendations.fanplayr.com | Product recommendation service. |
ajax.googleapis.com | Google content delivery network (used for loading Web Font loader library). |
Last modified 3mo ago