Content-Security-Policy
Using the Content-Security-Policy response header, you can control the list of URLs to use as a payment pointer via the monetization-src directive.
Directives
Fetch directives
Restricts the URLs from which a payment pointer is loaded.
Example
Given a page with the following Content Security Policy:
Content-Security-Policy: monetization-src https://example.com/
Fetches for the following code will return network errors, as the URL provided does not match monetization-src's source list:
<link rel="monetization" href="https://example.org/payment-pointer" />
Specifications
| Specification |
|---|
| Web Monetization API #content-security-policy |
Browser compatibility
| desktop | mobile | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Chrome | Edge | Firefox | Internet Explorer | Opera | Safari | WebView Android | Chrome Android | Firefox for Android | Opera Android | Safari on iOS | Samsung Internet | Puma Browser | |
monetization-src | Yes | Yes | Yes | No | Yes | No | No | No | No | No | No | No | Yes |
- Full Support
- No Support
- You'll need to use a Web Monetization Extension