Skip to content

Add Content Security Policy documentation to Session Replay SDKs #1246

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
JeffScattini-amplitude wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add Content Security Policy documentation to Session Replay SDKs #1246

JeffScattini-amplitude wants to merge 1 commit into from

Conversation

@JeffScattini-amplitude
Copy link
Collaborator

@JeffScattini-amplitude JeffScattini-amplitude commented Dec 9, 2025
edited by cursor bot
Loading

Add comprehensive CSP sections to both session-replay-standalone-sdk.md and session-replay-plugin.md, including:

  • Required CSP directives (script-src, connect-src, worker-src)
  • Directive reference table with domains and descriptions
  • API endpoints table for US and EU data centers
  • Example CSP headers for both regions

Resolves DOC-931

Note

Add CSP guidance (directives, endpoints, example headers) to Session Replay Plugin and Standalone SDK docs.

  • Docs (Session Replay):
    • Plugin (session-replay-plugin.md):
      • Add CSP section with required directives (script-src, connect-src, worker-src).
      • Include directive reference table, API endpoints (US/EU), and example CSP headers.
      • Add tip to include custom configServerUrl/trackServerUrl domains in connect-src.
    • Standalone SDK (session-replay-standalone-sdk.md):
      • Mirror CSP guidance: required directives, reference table, API endpoints (US/EU), example headers, and custom endpoint tip.

Written by Cursor Bugbot for commit 26b2775. This will update automatically on new commits. Configure here.

@JeffScattini-amplitude
Add Content Security Policy documentation to Session Replay SDKs
26b2775 
Add comprehensive CSP sections to both session-replay-standalone-sdk.md and
session-replay-plugin.md, including:
- Required CSP directives (script-src, connect-src, worker-src)
- Directive reference table with domains and descriptions
- API endpoints table for US and EU data centers
- Example CSP headers for both regions

Resolves DOC-931
@vercel
Copy link

vercel bot commented Dec 9, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
amplitude-docs Canceled Canceled Dec 17, 2025 6:01pm

@markzegarelli markzegarelli self-requested a review December 9, 2025 17:36
markzegarelli
markzegarelli reviewed Dec 9, 2025
View reviewed changes
Copy link
Member

@markzegarelli markzegarelli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

few suggestions.

Also, if this content is identical, we should make it a partial so we can single source.

content/collections/session-replay/en/session-replay-plugin.md

#### Example CSP header

For US data center:
Copy link
Member

@markzegarelli markzegarelli Dec 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

including data center might be confusing here.

Suggested change
For US data center:
For the US region:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@markzegarelli markzegarelli markzegarelli left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Needs review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JeffScattini-amplitude @markzegarelli