Hi,
I wanted to customize the item image of a charge, and even though it is possible to customize this using the (undocumented) “logo_url” parameter when creating a charge, it then fails to load on the actual hosted page with the following error:
Refused to load the image 'https://dev.domionline.io/Store/coins_2.png' because it violates the following Content Security Policy directive: "img-src 'self' data: https://exceptions.coinbase.com/js https://res.cloudinary.com https://www.google-analytics.com/ https://images.coinbase.com https://nft.reddit.com https://dynamic-assets.coinbase.com https://static-assets.coinbase.com asset-metadata-service-production.s3.amazonaws.com".
It does work if I use an image from a previously created checkout or if I upload the images to Cloudinary myself (such as https://res.cloudinary.com/dvoz6aiik/image/upload/v1698146164/coins_5.png), but this seems kinda clunky, so would it be possible to remove the Content Security Policy, or at least extend it to allow images to be loaded from whitelisted domains?