Product guides

Sensor

Suggest Edits

CSP Sensor Requirements

If your website uses a Content-Security-Policy (CSP) header, please ensure it includes the required values for the functionality our scripts.

For each of the following CSP directives, if used, make sure to also include the specified source expressions as listed below:

script-src

  • 'self' - Required for 1st-party scripts.
  • 'unsafe-inline' - Not required if nonce is used (and applied to the Sensor script) or if both the ABR Manager (Auto-ABR) and DevTools Detection capabilities are disabled.
  • *.px-cloud.net *.px-cdn.net

connect-src

  • 'self' - Required for 1st-party requests.
  • *.px-cloud.net *.px-cdn.net *.pxchk.net *.px-client.net

In addition to the above, it’s recommended to include the following directive and source expression, as it allows Human Challenge to use multithreading for a specific CPU task, potentially speeding up the solution process:

worker-src

  • blob:

Updated about 1 month ago