Content security policies (CSP)
The web library loads images, stylesheets, datasets, and JavaScript from DataWollet's servers and CDN to function. It also makes requests to the Open Finance API to process sources.
If you use Content-Security-Policy or Content-Security-Policy-Report-Only headers then please add the URL prefixes specified below to ensure the web library is not blocked or generating false reports.
| Policy directive | URL prefixes |
|---|---|
connect-src | https://api.datawollet.com https://schema.datawollet.com |
img-src | https://cdn.datawollet.com |
script-src or script-src-elem | https://cdn.datawollet.com |
style-src or style-src-elem | https://cdn.datawollet.com |