Content-Security Policy

Did you know... ?

โ—๏ธWhat is this about?

Some websites implement a Content Security Policy โ€“ a browser security feature that controls which domains are allowed to load certain types of content, such as iFrames, scripts, or images.

When our iFrame is embedded on a website without proper allowlisting, it can be blocked by the browser, resulting in an error like:

โœ… What you need to do

If you are seeing this error and our iFrame is not loading correctly, it is likely because your websiteโ€™s CSP is not allowing mazing.link as a valid frame-src domain.

To fix this, you or your developer need to add the following domain to your CSP allowlist:

*.mazing.link

๐Ÿ’ก Example

If your current CSP looks like this:

It should be updated to include:

๐Ÿ“Œ Why is this important?

Without this change, your browser will refuse to load the 3D/AR iFrame, and your visitors wonโ€™t see the interactive content. This issue often goes unnoticed unless developers check the browser console.

Last updated