> ## Documentation Index
> Fetch the complete documentation index at: https://velt-mintlify-e6426361.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Content Security Policy (CSP)

> Whitelist the Velt SDK domains and WebSocket endpoints in your Content Security Policy script-src and connect-src directives for secure embedding.

## Whitelisting Rules for Content Security Policy (CSP)

If you have a Content Security Policy (CSP) enabled in your app configuration, ensure that the following URLs are whitelisted:

### script-src

* `*.velt.dev`
* `*.api.velt.dev`
* `*.firebaseio.com`
* `*.googleapis.com`
* `wss://*.firebaseio.com`
* `wss://*.firebasedatabase.app`

### connect-src

* `*.velt.dev`
* `*.api.velt.dev`
* `*.firebaseio.com`
* `*.googleapis.com`
* `wss://*.firebaseio.com`
* `wss://*.firebasedatabase.app`

### img-src

* `storage.googleapis.com`
* `firebasestorage.googleapis.com`

### media-src

* `storage.googleapis.com`
* `firebasestorage.googleapis.com`
