mintlify · mintlify · Apr 9, 2026
diff --git a/deploy/csp-configuration.mdx b/deploy/csp-configuration.mdx
@@ -44,6 +44,8 @@
 | `chat-assets.frontapp.com` | Front chat widget | `script-src` | Optional |
 | `browser.sentry-cdn.com` | Sentry error tracking | `script-src`, `connect-src` | Optional |
 | `js.sentry-cdn.com` | Sentry JavaScript SDK | `script-src` | Optional |
+| `hcaptcha.com` | hCaptcha CAPTCHA verification | `script-src`, `frame-src`, `style-src`, `connect-src` | Optional |
+| `*.hcaptcha.com` | hCaptcha CAPTCHA verification | `script-src`, `frame-src`, `style-src`, `connect-src` | Optional |
 
 ## Example CSP configuration
 
@@ -56,13 +58,13 @@
 default-src 'self';
 script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net www.googletagmanager.com cdn.segment.com plausible.io
 us.posthog.com tag.clearbitscripts.com cdn.heapanalytics.com chat.cdn-plain.com chat-assets.frontapp.com
-browser.sentry-cdn.com js.sentry-cdn.com;
-style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
+browser.sentry-cdn.com js.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com hcaptcha.com *.hcaptcha.com;
 font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
 img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com;
 connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com
-www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com;
-frame-src 'self' *.mintlify.dev;
+www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+frame-src 'self' *.mintlify.dev hcaptcha.com *.hcaptcha.com;
 ```
 
 ## Common configurations by proxy type

diff --git a/es/deploy/csp-configuration.mdx b/es/deploy/csp-configuration.mdx
@@ -48,6 +48,8 @@ Las siguientes directivas de CSP controlan qué recursos puede cargar una págin
 | `chat-assets.frontapp.com` | Widget de chat de Front | `script-src` | Opcional |
 | `browser.sentry-cdn.com` | Seguimiento de errores con Sentry | `script-src`, `connect-src` | Opcional |
 | `js.sentry-cdn.com` | SDK de JavaScript de Sentry | `script-src` | Opcional |
+| `hcaptcha.com` | Verificación CAPTCHA de hCaptcha | `script-src`, `frame-src`, `style-src`, `connect-src` | Opcional |
+| `*.hcaptcha.com` | Verificación CAPTCHA de hCaptcha | `script-src`, `frame-src`, `style-src`, `connect-src` | Opcional |
 
 <div id="example-csp-configuration">
   ## Ejemplo de configuración de CSP
@@ -62,13 +64,13 @@ Content-Security-Policy:
 default-src 'self';
 script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net www.googletagmanager.com cdn.segment.com plausible.io
 us.posthog.com tag.clearbitscripts.com cdn.heapanalytics.com chat.cdn-plain.com chat-assets.frontapp.com
-browser.sentry-cdn.com js.sentry-cdn.com;
-style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
+browser.sentry-cdn.com js.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com hcaptcha.com *.hcaptcha.com;
 font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
 img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com;
 connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com
-www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com;
-frame-src 'self' *.mintlify.dev;
+www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+frame-src 'self' *.mintlify.dev hcaptcha.com *.hcaptcha.com;
 ```
 
 

diff --git a/fr/deploy/csp-configuration.mdx b/fr/deploy/csp-configuration.mdx
@@ -48,6 +48,8 @@ Les directives CSP suivantes contrôlent quelles ressources une page peut charge
 | `chat-assets.frontapp.com` | Widget de chat Front | `script-src` | Facultatif |
 | `browser.sentry-cdn.com` | Suivi des erreurs Sentry | `script-src`, `connect-src` | Facultatif |
 | `js.sentry-cdn.com` | SDK JavaScript Sentry | `script-src` | Facultatif |
+| `hcaptcha.com` | Vérification CAPTCHA hCaptcha | `script-src`, `frame-src`, `style-src`, `connect-src` | Facultatif |
+| `*.hcaptcha.com` | Vérification CAPTCHA hCaptcha | `script-src`, `frame-src`, `style-src`, `connect-src` | Facultatif |
 
 <div id="example-csp-configuration">
   ## Exemple de configuration CSP
@@ -62,13 +64,13 @@ Content-Security-Policy:
 default-src 'self';
 script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net www.googletagmanager.com cdn.segment.com plausible.io
 us.posthog.com tag.clearbitscripts.com cdn.heapanalytics.com chat.cdn-plain.com chat-assets.frontapp.com
-browser.sentry-cdn.com js.sentry-cdn.com;
-style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
+browser.sentry-cdn.com js.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com hcaptcha.com *.hcaptcha.com;
 font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
 img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com;
 connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com
-www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com;
-frame-src 'self' *.mintlify.dev;
+www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+frame-src 'self' *.mintlify.dev hcaptcha.com *.hcaptcha.com;
 ```
 
 

diff --git a/zh/deploy/csp-configuration.mdx b/zh/deploy/csp-configuration.mdx
@@ -48,6 +48,8 @@ keywords: ["内容安全策略", "CSP", "指令", "安全标头", "防火墙", "
 | `chat-assets.frontapp.com` | Front 聊天小部件 | `script-src` | 可选 |
 | `browser.sentry-cdn.com` | Sentry 错误监控 | `script-src`, `connect-src` | 可选 |
 | `js.sentry-cdn.com` | Sentry JavaScript SDK | `script-src` | 可选 |
+| `hcaptcha.com` | hCaptcha 验证码验证 | `script-src`, `frame-src`, `style-src`, `connect-src` | 可选 |
+| `*.hcaptcha.com` | hCaptcha 验证码验证 | `script-src`, `frame-src`, `style-src`, `connect-src` | 可选 |
 
 <div id="example-csp-configuration">
   ## 示例 CSP 配置
@@ -62,13 +64,13 @@ Content-Security-Policy:
 default-src 'self';
 script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net www.googletagmanager.com cdn.segment.com plausible.io
 us.posthog.com tag.clearbitscripts.com cdn.heapanalytics.com chat.cdn-plain.com chat-assets.frontapp.com
-browser.sentry-cdn.com js.sentry-cdn.com;
-style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
+browser.sentry-cdn.com js.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com hcaptcha.com *.hcaptcha.com;
 font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
 img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net mintlify.s3.us-west-1.amazonaws.com;
 connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com
-www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com;
-frame-src 'self' *.mintlify.dev;
+www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com hcaptcha.com *.hcaptcha.com;
+frame-src 'self' *.mintlify.dev hcaptcha.com *.hcaptcha.com;
 ```