0141 280 2829

Content Security Policy

A Content Security Policy (CSP) on a website controls which third party integrations are allowed to run. Your website may have a Content Security Policy in place and this page will help you check.

If your website does have a Content Security Policy (CSP) then you need to add our domain names to your policy for the Conversion Tag, Page Footer Tag and some Affiliate tools to work correctly.

  • Check if your website has a Content Security Policy, if you are unsure use our checker tool to find out
  • If you do not have a Content Security Policy, no further action is needed
  • If you have a Content Security Policy, you need to add our domain names to your policy
  • Test again using our online checker to make sure the changes have been made correctly

Content Security Policy checker

Enter your website URL

Content Security Policy requirements

If you have a Content Security Policy, then to complete your integration with Paid On Results, you will need to add our 4 domain names (two of which are wildcard domains), to 3 directives to your Content Security Policy.

Domain Names

  • *.paidonresults.net
  • *.paidonresults.com
  • portgk.com
  • porjs.com

The 3 directives which all of those domain names need to be added too are

Directives

  • script-src
  • frame-src
  • connect-src

Our Content Security Policy checker should be used to test if the Content Security Policy for your website has been updated, the tool will check to ensure all the domain names have been added to the necessary directives.

If you have any questions please get in touch with your Account Manager. We are however unable to guide you to how to update your Content Security Policy as it depends on how your website is set-up. Your website developer, hosting company or company who provides your e-commerce platform will be able to help. Try asking them the following.

Can you tell me where I can update the Content Security Policy on my website? I need to add the 4 domains "*.paidonresults.net *.paidonresults.com portgk.com porjs.com" to the "script-src", "frame-src" and "connect-src" directives.