Top
What are the trusted Whatfix domains to whitelist?
  • 1 Minute To Read
  • Print
  • Dark
    Light

What are the trusted Whatfix domains to whitelist?

  • Print
  • Dark
    Light

If your organization uses a firewall to restrict network access to only specific websites or software, then you need to whitelist the following domains to ensure that your app can communicate with Whatfix and fetch content for your users to view.

Also, if your organization has a Content Security Policy (CSP) in place to block external code insertions, then it could prevent Whatfix from working on your app.

To prevent this from happening and to resolve CSP violation errors, the following domains must be added as an exception (Whitelisted) as part of the application's CSP headers.

Domains to whitelist:

  • https://whatfix.com 
  • https://cdn.whatfix.com 
  • https://google-analytics.com
your title goes here

Depending on the deployment model, you can whitelist only the necessary directive.

Deployment ModelCSP DirectivesDomain/value
Export (Content on the same server)connect-srcgoogle-analytics.com
style-srcunsafe-inline
img-srcdata:
Export (Content fetched from a different domain server)connect-srcgoogle-analytics.com
script-src*.<domain>, <domain>
frame-src
style-srcunsafe-inline
img-srcdata:
CDNconnect-src*.whatfix.com
google-analytics.com
script-src
*.whatfix.com

frame-src
style-srcunsafe-inline
img-srcgoogle-analytics.com
data:
Extensionconnect-srcgoogle-analytics.com
Dev scriptconnect-src*.whatfix.com
google-analytics.com

script-src*.whatfix.com
frame-src


Note
  • Your IT Admin can help in whitelisting the domains mentioned above.
  • If you are using any video or image links in your Whatfix content, then you need to whitelist those domains as well. For example, if you embed a YouTube video in a vivid Pop-up then you need to whitelist youtube.com.

When do domains need whitelisting?

It is recommended to whitelist the domains as soon as you start creating content on Whatfix. This way, content creators will not have any issues to preview and test the content.

IP addresses to Whitelist:

IPv4IPv6

173.245.48.0/20

2400:cb00::/32

103.21.244.0/22

2606:4700::/32

103.22.200.0/22

2803:f800::/32

103.31.4.0/22

2405:b500::/32

141.101.64.0/18

2405:8100::/32

108.162.192.0/18

2a06:98c0::/29

190.93.240.0/20

2c0f:f248::/32

188.114.96.0/20


197.234.240.0/22


198.41.128.0/17


162.158.0.0/15


104.16.0.0/12


172.64.0.0/13


131.0.72.0/22


Note
IP addresses are the same for all users.

Best Practices

  • Make sure you have applied the policy to every page, including error pages.
Was This Article Helpful?