Twilio Is Implementing Content Security Policy

Twilio is implementing Content Security Policy (CSP) on its website to improve security and protect customers from web-based attacks such as clickjacking. The policy change will block third-party sites from loading twilio.com in HTML iframes or other framing methodologies, requiring customers to discontinue this practice after May 24th, 2021. However, paid Flex customers will still be able to load their instances in iframes. The change aims to enhance the security of Twilio's services and is part of the company's ongoing efforts to improve customer security.