Skip to main content

Troubleshooting

Content Security Policy (CSP) Issues

Identifying CSP Errors

If the CustomerOS tracker is not working, check your browser’s console for CSP-related errors. Common CSP errors look like:
Refused to connect to 'https://api64.ipify.org/?format=json' because it violates the following Content Security Policy directive...
or
Fetch API cannot load https://api64.ipify.org/?format=json

Required Domains

The CustomerOS tracker needs to make requests to the following domains to function properly:
  • api64.ipify.org - Used to detect the visitor’s IP address for accurate geolocation

How to Resolve CSP Issues

  • CloudFront Response Headers Policy
  • HTTP Headers
  • Meta Tag
  • Vercel/Netlify
If you’re using AWS CloudFront, you can add a Response Headers Policy:
  1. Go to CloudFront → Policies → Response Headers
  2. Edit your policy or create a new one
  3. Add to the connect-src directive:
    • https://api64.ipify.org
    • Your CustomerOS tracker domain
  4. Save the policy
Changes to CloudFront policies typically take 10-15 minutes to propagate globally

Verifying the Fix

After updating your CSP configuration:
  1. Clear your browser cache
  2. Wait for the changes to propagate (10-15 minutes for CDN changes)
  3. Reload your website
  4. Check the browser console - CSP errors should be gone
  5. Verify that tracking events are being captured in CustomerOS

Still Having Issues?

If you’re still experiencing problems after configuring CSP:
  • Check that all required domains are included in your CSP policy
  • Verify that your CSP policy isn’t being overridden by another security layer
  • Ensure the tracker script is loading correctly (check Network tab in DevTools)
  • Contact support with your browser console errors for additional help
I