> ## Documentation Index
> Fetch the complete documentation index at: https://docs.customeros.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Troubleshooting

# Troubleshooting

## Content Security Policy (CSP) Issues

### Identifying CSP Errors

If the CustomerOS tracker is not working, check your browser's console for CSP-related errors. Common CSP errors look like:

```
Refused to connect to 'https://api64.ipify.org/?format=json' because it violates the following Content Security Policy directive...
```

or

```
Fetch API cannot load https://api64.ipify.org/?format=json
```

### Required Domains

The CustomerOS tracker needs to make requests to the following domains to function properly:

* **`api64.ipify.org`** - Used to detect the visitor's IP address for accurate geolocation

### How to Resolve CSP Issues

<Tabs>
  <Tab title="CloudFront Response Headers Policy">
    If you're using AWS CloudFront, you can add a Response Headers Policy:

    1. Go to CloudFront → Policies → Response Headers
    2. Edit your policy or create a new one
    3. Add to the `connect-src` directive:
       * `https://api64.ipify.org`
       * Your CustomerOS tracker domain
    4. Save the policy

    <Info>Changes to CloudFront policies typically take 10-15 minutes to propagate globally</Info>
  </Tab>

  <Tab title="HTTP Headers">
    Add or modify the `Content-Security-Policy` header in your server configuration:

    ```
    Content-Security-Policy: connect-src 'self' https://api64.ipify.org https://your-customeros-domain.com
    ```

    **Apache (.htaccess)**

    ```apache theme={"system"}
    Header set Content-Security-Policy "connect-src 'self' https://api64.ipify.org https://your-customeros-domain.com"
    ```

    **Nginx**

    ```nginx theme={"system"}
    add_header Content-Security-Policy "connect-src 'self' https://api64.ipify.org https://your-customeros-domain.com";
    ```
  </Tab>

  <Tab title="Meta Tag">
    Add a meta tag to your HTML `<head>`:

    ```html theme={"system"}
    <meta http-equiv="Content-Security-Policy"
          content="connect-src 'self' https://api64.ipify.org https://your-customeros-domain.com">
    ```

    <Warning>This method is less recommended as it only applies to the page itself, not scripts loaded from it</Warning>
  </Tab>

  <Tab title="Vercel/Netlify">
    Add a `_headers` file to your project root or public directory:

    ```
    /*
      Content-Security-Policy: connect-src 'self' https://api64.ipify.org https://your-customeros-domain.com
    ```

    Or use the platform's dashboard to configure security headers.
  </Tab>
</Tabs>

### Verifying the Fix

After updating your CSP configuration:

1. Clear your browser cache
2. Wait for the changes to propagate (10-15 minutes for CDN changes)
3. Reload your website
4. Check the browser console - CSP errors should be gone
5. Verify that tracking events are being captured in CustomerOS

### Still Having Issues?

If you're still experiencing problems after configuring CSP:

* Check that all required domains are included in your CSP policy
* Verify that your CSP policy isn't being overridden by another security layer
* Ensure the tracker script is loading correctly (check Network tab in DevTools)
* Contact support with your browser console errors for additional help