In some cases, third-party restrictions can cause disruptions to your Chameleon Experiences. You can install Chameleon on your own subdomain, and ensure your content displays as expected every time.
Availability & Usage
🔐 Available for Enterprise
📩 Contact us to enable or discuss your plan needs
Chameleon content is normally hosted on Chameleon's infrastructure and displayed to your end users after being loaded on to the page via Chameleon's domain (e.g.
This means that it is treated as "third-party" (not native to your application) by various services, some of which may attempt to block all third-party content from loading within your application.
Your security team may also be enforcing this type of restriction via your own Content Security Policy ("CSP"). In this case, you would need to include Chameleon as an exception to allow it to function). Learn more here.
Another method to prevent any unwanted restrictions is to serve Chameleon content via your own subdomain, thereby running it as "first-party".
For example, you could serve Chameleon content from
chmln.your-domain.com meaning Chameleon's subdomains (e.g.
*.chameleon.io) would not load on your page to display Chameleon content.
When doing this, Chameleon will handle the TLS 1.3+ certificate and all other aspects of enabling this; your team will only need to add a single
DNS CNAME entry pointing to a unique value for your account.
📩 If you're interested in this solution, please contact us about adding this to your account or upgrading your plan.