Troubleshooting Guide: Fix Live Chat Widget Loading Issues Caused by Referrer Policy Settings When Trusted Domain Enabled
If your live chat widget isn’t loading properly, the issue might be related to your website’s Referrer Policy, especially when the Trusted Domains setting is enabled. This guide explains what the Referrer Policy is, how to check it, and how to update it to ensure your widget functions correctly.
🔍 Why the Widget Might Fail to Load
When Trusted Domains is enabled for your live chat widget, the widget uses the Referrer header to verify that it’s being accessed from an allowed domain. If your website’s Referrer Policy restricts or hides this information, the widget won’t be able to validate the source — causing it to fail loading.
✅ If Trusted Domains is disabled, this check is skipped, and the widget can load on any domain. In that case, no changes to the Referrer Policy are necessary.
🔐 What is the Referrer Policy?
The Referrer Policy is a browser security feature that controls how much information is sent in the Referer header during navigation. This header usually contains the URL of the page that made the request.
Different policies can:
- Send the full URL
- Send only the domain (origin)
- Send nothing at all
An overly strict policy can prevent the live chat widget from knowing which domain is loading it — leading to validation failure if Trusted Domains is enabled.
🛠 How to Check If Trusted Domains is Enabled
- Go to Admin > Chat > Live Chat in your BoldDesk dashboard.
- Choose the live chat widget used on your website.
- Scroll to the General section and locate Trusted Domains.
- Make sure:
- It’s enabled
- Your website’s domain is listed
If it’s disabled, you don’t need to change the Referrer Policy.
🔎 How to Check Your Website’s Referrer Policy
- Open your website in a browser.
- Launch Developer Tools:
- Windows/Linux:
Ctrl + Shift + IorF12 - Mac:
Cmd + Option + I
- Windows/Linux:
- Open the Network tab.
- Refresh the page and search for chatwidget.
- Click the chat widget ID in the Name column.
- Under Headers > General, check the Referrer Policy value.
📘 Common Referrer Policy Types
| Policy | Behavior |
|---|---|
no-referrer |
Sends no referrer data |
no-referrer-when-downgrade |
Sends full URL on secure connections (HTTPS ➜ HTTPS) |
origin |
Sends only the domain |
origin-when-cross-origin |
Sends full URL for same-site; domain only for cross-site |
same-origin |
Sends full URL only for same-site requests |
strict-origin |
Sends only the domain, blocks downgrade (HTTPS ➜ HTTP) |
strict-origin-when-cross-origin |
Best balance: full URL on same-site, domain only on cross-site |
unsafe-url |
Sends full URL always — not recommended for privacy reasons |
✅ Recommended Referrer Policy Settings
To ensure compatibility while maintaining security, use one of the following:
<meta name="referrer" content="strict-origin-when-cross-origin">
or
<meta name="referrer" content="no-referrer-when-downgrade">
These settings allow enough referrer data for widget validation when Trusted Domains is enabled.
✏️ How to Update the Referrer Policy
- In your website’s HTML, find the
<head>section. - Add or update the following meta tag:
<meta name="referrer" content="strict-origin-when-cross-origin">
- Save and publish your website.
Once applied, the widget should start loading correctly.
