Adform offers using Content Security Policy (CSP) for Adform Site Tracking. To detect and mitigate data injection attacks, you can activate MDN CSP for your website. After activating MDN CSP, you must configure it to include the code for the implemented tracking system.
Standard tracking point code (JS) and click tracking point code
script-src 'unsafe-inline' https://*.adform.net;
Standard tracking point code (JS) and click tracking point code with container tags
script-src 'unsafe-inline' https://*.adform.net; frame-src https://*.adform.net;
Image tracking point code and audience tracking point code
Img-src https://*.adform.net;
Iframe tracking point code
frame-src https://*.adform.net;
fetch() or navigator.sendBeacon() tracking point code
By using fetch() or navigator.sendBeacon() methods, you can trigger a tracking point's code without a direct interaction on a website.
connect-src https://*.adform.net;
For more information about Adform's security and privacy policy:
If you have any security- or data protection-related questions, contact the Data Protection Officer (dpo@adform.com).