To ensure the proper functioning of Shopimind services on your e-commerce site, it is necessary to configure your Content Security Policy (CSP) to allow our domains. A CSP configuration that is too restrictive can block certain scripts, images, or essential content, preventing Shopimind from offering an optimal experience.
ShopiMind uses several domains to host and distribute its resources, such as JavaScript files, images, or application services. If these domains are not explicitly allowed in your CSP, your visitors may not see certain features or content related to ShopiMind.
Here is the complete list of ShopiMind domains to add to your CSP:
static-spm.com
*.static-spm.com
media.shopimind.io
app-spm.com
*.app-spm.comIdentify the CSP directive to modify
Depending on your current configuration, the most common directives you will need to modify are:
script-src : to allow scripts.
img-src : to allow images.
style-src : to allow stylesheets.
connect-src : for API or WebSocket requests.
Update your CSP policy
If you are using a .htaccess file, an NGINX or Apache server, add the Shopimind domains to your Content-Security-Policy directive.
Test your configuration
Once the policy is updated, we recommend performing the following checks:
Check that page views are correctly reported in your dashboard.
Check that the images of the pop-ins or ShopiMind Smart-Contents are displayed correctly on your store.
If you have any questions or need further assistance, our support team is at your disposal.