🎉  Userflow joins forces with Beamer to create all-in-one growth toolkit
Read more
Product
Pricing
Demo
Sign in

Content Security Policy

If your web app uses Content Security Policy (CSP), you’ll need to ensure that your policy allows Userflow.js requests.

Your policy must allow the following:

connect-src:
  https://cdn.userflow.com
  https://e.userflow.com
  https://js.userflow.com
  wss://e.userflow.com

script-src:
  https://cdn.userflow.com
  https://js.userflow.com

style-src:
  https://cdn.userflow.com
  https://js.userflow.com

img-src:
  https://blob.userflow.com
  https://cdn.userflow.com
  https://js.userflow.com
  https://storage.googleapis.com/studio1-prod-blob/

media-src:
  https://blob.userflow.com
  https://cdn.userflow.com
  https://storage.googleapis.com/studio1-prod-blob/

A few notes:

  • The name studio1 (in the storage.googleapis.com URLs) was the company’s original name and is therefore used for legacy reasons.

Got questions? We're here for you!

The best way to get help is to
We usually reply within 5 minutes
You can also send an email to support@userflow.com
We usually reply within a few hours