To enhance security, websites define Content Security Policy (CSP), which allows website owners to restrict the content (script/styles/images etc.) loaded on the page to only trusted (whitelisted) sources. It ensures that no malicious external asset can put your business or customers at risk by acting as an agent for a trusted website. If the Content-Security-Policy header is defined, the browser will reject any content from non-whitelisted sources. To learn more about the importance of CSP and how it works, read this.
VWO running on your website intends to provide your visitors with the campaign experiences you've designed; VWO does not inject unwanted content on your website or gather any Personally Identifiable Information (PII).
To whitelist VWO, add the following rules to your existing Content Security Policy. This enables VWO services to function properly on your website.