Snoobi Tracking code and website 'Content Security Policy'

Modified on Tue, 15 Sep 2020 at 07:19 AM

Using the Snoobi  code on a website met SCP


A Content Security Policy (CSP for short) is a browser security mechanism for your website that aims to mitigate XSS and some other attacks.
Cross-site scripting (XSS) attacks, for example, trick a site into delivering malicious code along with the intended content.
CSP works by restricting the resources (such as scripts and images) that a page can load and restricting whether a page can be framed by other pages.

To enable a CSP, a response needs to include an HTTP response header called Content-Security-Policy with a value containing the policy. The policy itself consists of one or more directives, separated by semicolons.


For a full explanation of CSP, here is the link to developers.google.com.For Snoobi Analytics to fully track all activities on the website, it it important that the Snoobi servers are not blocked from access.


If your website has a Content Security Policy, you should add the Snoobi servers in two sections, namely the img-src and the script-src.


For a full explanation of CSP, this is the link to the Google Developers Page on this.

Below is an example of a simplified Content Security Policy for the snoobi.eu servers. Note we added fonts, Youtube and Google Analytics for readability, but you should use your own fonts and other needed servers.

Attention! If your tracking code use the snoobi.com servers, then just change the ..snoobi.eu into snoobi.com


Don't hesitate to contact Snoobi Support for Questions

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article