If you have a strict Content Security Policy, please allowlist https://*.explo.co to your CSP to ensure our embed can work properly and make the proper requests. If you’re not sure if you have a strict CSP, then you likely don’t. If you prefer not to wildcard Explo’s subdomains, these are the necessary domains:

  • https://app.explo.co
  • https://api.explo.co
  • https://*.data.explo.co

More may be added in the future, but customers will be notified ahead of time.

If you are using custom fonts, you will need to allowlist the following domain to your CSP: https://explo-custom-fonts.s3.us-west-1.amazonaws.com