Content Security Policy (CSP) is a security mechanism that helps protect against content injection attacks, such as Cross Site Scripting (XSS).

If you're supporting CSP up to version 1 or 2, you'll need to add the following to your list of allowed domains for Marker.io to function correctly:

frame-src:
https://marker.io

connect-src:
https://api.marker.io
https://ssr.marker.io

child-src:
https://marker.io

font-src:
https://marker.io
https://edge.marker.io

form-action:
https://marker.io
https://api.marker.io

media-src:
https://media.marker.io
https://marker.io
https://edge.marker.io

img-src:
blob:
data:
https://media.marker.io
https://marker.io
https://edge.marker.io

script-src:
https://edge.marker.io
https://marker.io

style-src:
'unsafe-inline'

Firewalls

Many of the above domains will also need to be allowed in your firewall settings to allow correct functioning of Marker.io

Did this answer your question?