If your website makes use of Content Security Policy (https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP), then additional configuration is needed in order to make the WebSDK work correctly.The following directives must be present:
script-src 'unsafe-eval';
connect-src https://*.scandit.com https://*.mirasense.com;
img-src data:;
child-src blob:;
worker-src blob:;
Depending on the external Scandit Engine library location (engineLocation option), the following directives must also be set, in combination with existing ones.
If the library is loaded from the same website:
If the library is loaded from the same website:
script-src 'self';
connect-src 'self';
If the library is loaded from a different example.com website:
script-src example.com;
connect-src example.com;