search

amazon-connect / amazon-connect-chatjs

Amazon Connect ChatJS - a browser-based contact center integration API for Chat on the Agent and Customer side.
https://docs.aws.amazon.com/connect/latest/adminguide/what-is-amazon-connect.html
Apache License 2.0
91 stars 53 forks source link

CSP Error on loadCsmScriptAndExecute() #216

Open atjohns opened 3 months ago

atjohns commented 3 months ago

Hey, I'm receiving a CSP error when using the Connect Chat as it executes loadCsmScriptAndExecute(), specifically where it is doing document.head.appendChild(script);

It's regarding it as an unsafe-inline execution: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-8PJuilRnedH5jtd39s1lzIrOB3dTnPSAJ0jUPCS2Yro='), or a nonce ('nonce-...') is required to enable inline execution.

xiajon commented 3 months ago

Hi, please try disabling CSM. Follow steps here https://github.com/amazon-connect/amazon-connect-chatjs?tab=readme-ov-file#client-side-metric