For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • Getting Started
    • Overview
    • Best practices
  • Sightline Cyberfraud Defense
    • About Sightline Cyberfraud Defense
    • Getting Started
    • What's different in Sightline Cyberfraud Defense
    • Sensor changelog
    • About the Overview Dashboard
    • Glossary
  • AgenticTrust
    • Getting started with AgenticTrust
    • AI Agents Monitoring Dashboard
    • AI Visitors Overview Dashboard
    • Manage AI Agent Permissions
    • Agentic Activity Priority
    • Agent Trust Levels
  • Account Defender
    • Account Defender Overview
    • Use Cases
    • Prerequisites
    • Getting Started with Account Defender
    • Optimizing Account Defender Detection
    • Validating Account Defender Integration
    • Risk Triggers
    • About Network Events
    • Troubleshooting
  • Bot Defender
    • Bot Defender Overview
    • Detection
    • Bot Defender Policy Settings
    • Footprint
      • Performance impact
      • Sensor
  • Credential Intelligence
    • Credential Intelligence Overview
    • How to Access the Breached Flag
    • Credential Intelligence FAQ
    • Credential Intelligence Dashboard
  • Code Defender
    • Code Defender Introduction
    • Getting Started with Code Defender
    • Code Defender Glossary
    • Website Risk Analyzer
  • Platform
    • Account settings
    • Manage users
    • Role permissions
    • Enforcer configurations
    • Page Type Mapping
  • Client-Side Integration
    • JavaScript tag
    • Improving first page performance
    • Use of cookies & web storage
    • Advanced client integration
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
On this page
  • CSP Sensor Requirements
  • script-src
  • connect-src
  • worker-src
Bot DefenderFootprint

Sensor

Was this page helpful?
Previous

Dashboard

Next
Built with

CSP Sensor Requirements

If your website uses a Content-Security-Policy (CSP) header, please ensure it includes the required values for the functionality our scripts.

For each of the following CSP directives, if used, make sure to also include the specified source expressions as listed below:

script-src

  • 'self' - Required for 1st-party scripts.
  • 'unsafe-inline' - Not required if nonce is used (and applied to the Sensor script) or if both the ABR Manager (Auto-ABR) and DevTools Detection capabilities are disabled.
  • *.px-cloud.net *.px-cdn.net

connect-src

  • 'self' - Required for 1st-party requests.
  • *.px-cloud.net *.px-cdn.net *.pxchk.net *.px-client.net

In addition to the above, it’s recommended to include the following directive and source expression, as it allows Human Challenge to use multithreading for a specific CPU task, potentially speeding up the solution process:

worker-src

  • blob: