How to embed Razorpay subscription button with CSP restrictions

MihirR · July 2, 2025, 5:03pm

I just created a simple static page for subscriptions and now want to embed a button on that page.

For which the code is:

<form>
    <script
        src="https://cdn.razorpay.com/static/widget/subscription-button.js"
        data-subscription_button_id="pl_randodmdi7373737"
        data-button_theme="brand-color"
        async>
    </script>
</form>

So from what I know the CSP won’t let me use the script, is there any way this could be possible?

PS: I’m using Landing Page Plug-in for the custom page.

awesomerobot · July 2, 2025, 5:21pm

This may help

and we have more information about CSP here Mitigate XSS Attacks with Content Security Policy

MihirR · July 3, 2025, 3:25am

Content security policy script src 


https://cdn.razorpay.com
Add item…


 content_security_policy_script_src: Value must be either 'unsafe-eval' or 'wasm-unsafe-eval', or in the form '<hash algorithm>-<base64 value>' where supported hash algorithms are sha256, sha384 or sha512. Ensure that your input is wrapped in single quotation marks.
Additional allowlisted script sources. The current host and CDN are included by default. See Mitigate XSS Attacks with Content Security Policy. (CSP). Other host sources are ignored as strict-dynamic is enabled.

This is the error I’m getting.

Topic		Replies	Views
Is it possible to embed Razorpay subscription button with CSP enabled Support	0	9	July 2, 2025
Can't get script tag to work in landing pages plugin due to content-security-policy Support	4	43	July 1, 2025
Need help with the content security policy Support	4	720	June 15, 2020
CSP error when adding a script via a theme component Dev content-security-policy	9	337	September 5, 2024
Refuse to reload script (CORS) with my settings Support	1	1093	January 31, 2021

How to embed Razorpay subscription button with CSP restrictions

Related topics