Web workers are a way to run JavaScript in the background, independently of other scripts, allowing for long-running tasks to be executed without interfering with the user interface or other critical tasks.
This can be particularly useful for tasks such as rendering, data processing, and other intensive operations โ in our case, processing the user screen and sending it over to our servers.
In addition to processing data, web workers can also perform some operations that are normally not allowed in JavaScript, such as reading and writing files, making cross-origin requests, and creating new web workers.
However, these operations are subject to certain restrictions, known as content security policies (hereinafter CSPs), which are designed to prevent malicious code from being executed in the context of your web page.
If you have problems while initializing Fullview, and you can see errors about CSP in your developer console, several directives need to be set up.
To enable CSP, you need to configure your web server to return the Content-Security-Policy HTTP header. Alternatively, the <meta> element can be used to configure a policy.
To find out more about CSPs, read more in the official docs.
The following directives must be set in order to successfully initialize and run Fullview on your page:
Content-Security-Policy:
script-src-elem https://*.fullview.io;
connect-src https://*.fullview.services wss://*.fullview.services https://*.liveblocks.io wss://*.liveblocks.io https://*.daily.co wss://*.daily.co;
media-src https://*.fullview.io;
style-src 'unsafe-inline';
style-src-elem 'unsafe-inline' https://fonts.googleapis.com;
font-src https://fonts.gstatic.com;
worker-src blob:;
By using web workers and content security policies together, you can take advantage of the parallel execution and enhanced capabilities of web workers while ensuring that your web page remains secure and free from malicious code.