Behavior Notes, CSN & Hosting Requirements

Behavior Notes

On init, the widget:

  • Injects widget styles and a simple widget container

  • Registers message handlers for internal communication

CSP and Hosting Requirements

Content Security Policy

Allow the CDN script in your script-src.

Allow the UI host in frame-src/child-src: https://test-glyph-app-ui.safle.com.

If you enable strict CSP, also permit inline styles for the injected overlay/iframe styles or provide equivalent stylesheet allowances.

HTTPS

Use HTTPS across all resources to avoid mixed-content blocking.

PreviousAPI ReferenceNextTroubleshooting

Last updated