June 17, 2024, 3 p.m. | WavePlay Staff

DEV Community dev.to

If you're building a Discord Activity, you may encounter issues with Content Security Policy (CSP) restrictions.


CSP is a security feature that helps prevent cross-site scripting attacks by restricting the resources a web page can load. However, it can sometimes interfere with loading external resources like fonts or media in your activity.



The recommended fix is to use Discord's URL Mapping feature to rewrite URLs. However, this method has limitations and may not work in all cases. …

attacks building can content security cross-site csp discord external feature issues javascript may node node.js page policy prevent programming proxy resources restrictions scripting security security policy using web

Palo Alto Engineer

@ Booz Allen Hamilton | Undisclosed Location - USA, VA, Reston

Systems Administrator

@ Cognosante | Camp Humphreys, South Korea

Consultor de Seguridad de la Información (Future project)

@ Unisys | Home Based Peru

Cloud DevOps Engineer

@ Booz Allen Hamilton | USA, VA, McLean (8283 Greensboro Dr, Hamilton)

Cloud DevOps Engineer

@ Booz Allen Hamilton | USA, VA, McLean (8251 Greensboro Dr)

Sr. Systems Administrator

@ KBR, Inc. | USA, Colorado Springs, 2424 Garden of the Gods Rd, Colorado