<script type="module" src="https://embed-v2.sided.co/assets/index.js"></script>

Once this code is active, you may add any poll embed or placement code to the page and the poll should render. 

Content Security Policy (CSP) Integration Guide

To securely embed Sided polls and discussions on a site that uses Content Security Policy (CSP), you must explicitly allowlist our script and asset domains.

This ensures the widget loads and functions properly without compromising your site's security posture.

Required CSP Directives

Please add the following directives to your CSP header or meta tag:

Content-Security-Policy:  script-src 'self' https://embed-v2.sided.co https://cdn.sided.co;  style-src 'self' https://cdn.sided.co 'unsafe-inline';  connect-src https://api.sided.co https://www.gstatic.com;  img-src 'self' data: https://cdn.sided.co;

Directive Breakdown

Notes

• Sided’s new embed uses ES modules, which require explicit domain allowlisting (type="module" will not load if blocked).

• If your policy is nonce-based, we can provide a special embed version that accepts a dynamic CSP nonce.

• We do not require unsafe-eval or unsafe-inline for scripts — only styles may currently require 'unsafe-inline'.

Domains to Allow

Make sure the following domains are allowlisted in your CSP:

Example CSP Meta Tag (for HTML)

<meta http-equiv="Content-Security-Policy"  content="script-src 'self' https://embed-v2.sided.co https://cdn.sided.co;           style-src 'self' https://cdn.sided.co 'unsafe-inline';           connect-src https://api.sided.co https://www.gstatic.com;           img-src 'self' data: https://cdn.sided.co;">

Need Help?

If you use a strict or advanced CSP setup (e.g. nonce-based), contact us at dev@sided.co and we’ll provide a custom integration or nonce-compatible loader.