Content Security Policy

Non-production / test environment
Live environment

A Content Security Policy (CSP) ensures a browser only loads resources that are explicitly whitelisted, preventing malicious content from being injected into your site. Mention Me provides recommended CSP directives for you to deploy on your website.

Non-production / test environment

script-src:
  - https://static-demo.mention-me.com
  - https://tag-demo.mention-me.com

frame-src:
  - https://demo.mention-me.com

connect-src:
  - https://demo.mention-me.com
  - https://tag-demo.mention-me.com

Live environment

script-src:
  - https://static.mention-me.com
  - https://tag.mention-me.com

frame-src:
  - https://mention-me.com
  - https://<client_subdomain>.mention-me.com

connect-src:
  - https://mention-me.com
  - https://tag.mention-me.com

Replace <client_subdomain> with your subdomain, e.g. example-client.mention-me.com. If you are unsure of this value, reach out to the Mention Me team.

Last modified on March 31, 2026

Security Responsibilities Send Data Securely

⌘I

Getting Started

Referral

Influencer

A/B Testing

Reporting

Security & Data

Onboarding

Tag Implementation

Shopify

ESP & CRM Integrations

Other Integrations

Platform Administration

Non-production / test environment

Live environment

Getting Started

Referral

Influencer

A/B Testing

Reporting

Security & Data

Onboarding

Tag Implementation

Shopify

ESP & CRM Integrations

Other Integrations

Platform Administration

Documentation Index

​Non-production / test environment

​Live environment

Non-production / test environment

Live environment