CSP Validator | Gravyty

Enter a URL to check if it has the required dependencies and proper Content Security Policy.

About Content Security Policy (CSP)

Content Security Policy is a security standard that helps prevent cross-site scripting (XSS) and other code injection attacks. It works by specifying which domains are trusted sources for executable scripts.

Why Update Your CSP?

If your website is currently using chatbots from ai.ocelotbot.com or bot.ivy.ai, you will need to update your Content Security Policy to include:

https://bot.io.gravyty.com

How to Update Your CSP

You can update your CSP by adding the domain to the appropriate directives in your CSP header. For example:

Content-Security-Policy: default-src 'self'; script-src 'self'
            https://bot.io.gravyty.com; connect-src 'self' https://bot.io.gravyty.com;

If you don't have a CSP header yet, this tool will indicate that as a pass, but we recommend implementing one for better security.