We have made restrictions to our Content Security Policy (CSP) and now ReadSpeaker is not working. How can that be solved?

If you set a "-src" type policy you may need to add our domains to the list of allowed domains (best is *.readspeaker.com) to allow media to be loaded.

In case that your CSP policy doesn't allow the fonts that we use for icons to load. You would need to extend the CSP policy to let our fonts load in order for them to load correctly. This is what you can write: Content-Security-Policy: font-src 'data:';>

We don't support SHA-hashes. This is because we are serving our JavaScripts on a CDN and they are regularly being updated.