This can be particularly useful for tasks such as rendering, data processing, and other intensive operations – in our case, processing the user screen and sending it over to our servers.
However, these operations are subject to certain restrictions, known as content security policies (hereinafter CSPs), which are designed to prevent malicious code from being executed in the context of your web page.
If you have problems while initializing Fullview, and you can see errors about CSP in your developer console, several directives need to be set up.
To enable CSP, you need to configure your web server to return the
Content-Security-Policy HTTP header. Alternatively, the
<meta> element can be used to configure a policy.
To find out more about CSPs, read more in the official docs.
The following directives must be set in order to successfully initialize and run Fullview on your page:
connect-src https://*.fullview.services wss://*.fullview.services https://*.liveblocks.io wss://*.liveblocks.io https://*.daily.co wss://*.daily.co;
style-src-elem 'unsafe-inline' https://fonts.googleapis.com;
By using web workers and content security policies together, you can take advantage of the parallel execution and enhanced capabilities of web workers while ensuring that your web page remains secure and free from malicious code.