diff --git a/guides/csp-configuration.mdx b/guides/csp-configuration.mdx
index 5f4527f1a..c729cdb87 100644
--- a/guides/csp-configuration.mdx
+++ b/guides/csp-configuration.mdx
@@ -23,15 +23,27 @@ The following CSP directives are used to control which resources can be loaded:
 | Domain | Purpose | CSP directive | Required |
 |:-------|:--------|:--------------|:-------|
 | `d4tuoctqmanu0.cloudfront.net` | KaTeX CSS, fonts | `style-src`, `font-src` | Required |
-| `*.mintlify.dev` | Documentation content | `connect-src` | Required |
+| `*.mintlify.dev` | Documentation content | `connect-src`, `frame-src` | Required |
+| `*.mintlify.com` | Dashboard, API, analytics proxy | `connect-src` | Required |
+| `leaves.mintlify.com` | Assistant API | `connect-src` | Required |
 | `d3gk2c5xim1je2.cloudfront.net` | Icons, images, logos | `img-src` | Required |
+| `d1ctpt7j8wusba.cloudfront.net` | Mint version and release files | `connect-src` | Required |
+| `mintcdn.com` | Images, favicons | `img-src`, `connect-src` | Required |
+| `*.mintcdn.com` | Images, favicons | `img-src`, `connect-src` | Required |
+| `api.mintlifytrieve.com` | Search API | `connect-src` | Required |
+| `cdn.jsdelivr.net` | Emoji assets for OG images | `script-src`, `img-src` | Required |
+| `fonts.googleapis.com` | Google Fonts | `style-src`, `font-src` | Optional |
 | `www.googletagmanager.com` | Google Analytics/GTM | `script-src`, `connect-src` | Optional |
 | `cdn.segment.com` | Segment analytics | `script-src`, `connect-src` | Optional |
 | `plausible.io` | Plausible analytics | `script-src`, `connect-src` | Optional |
+| `us.posthog.com` | PostHog analytics | `connect-src` | Optional |
+| `cdn.getkoala.com` | Koala analytics | `script-src` | Optional |
 | `tag.clearbitscripts.com` | Clearbit tracking | `script-src` | Optional |
 | `cdn.heapanalytics.com` | Heap analytics | `script-src` | Optional |
 | `chat.cdn-plain.com` | Plain chat widget | `script-src` | Optional |
 | `chat-assets.frontapp.com` | Front chat widget | `script-src` | Optional |
+| `browser.sentry-cdn.com` | Sentry error tracking | `script-src`, `connect-src` | Optional |
+| `js.sentry-cdn.com` | Sentry JavaScript SDK | `script-src` | Optional |
 ## Example CSP configuration
@@ -42,12 +54,14 @@ The following CSP directives are used to control which resources can be loaded:
 ```text wrap
 Content-Security-Policy: default-src 'self';
-script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com cdn.segment.com plausible.io tag.clearbitscripts.com cdn.heapanalytics.com
-chat.cdn-plain.com chat-assets.frontapp.com;
-style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net;
-font-src 'self' d4tuoctqmanu0.cloudfront.net;
-img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net;
-connect-src 'self' *.mintlify.dev www.googletagmanager.com cdn.segment.com plausible.io;
+script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net www.googletagmanager.com cdn.segment.com plausible.io
+us.posthog.com cdn.getkoala.com tag.clearbitscripts.com cdn.heapanalytics.com chat.cdn-plain.com chat-assets.frontapp.com
+browser.sentry-cdn.com js.sentry-cdn.com;
+style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
+font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com;
+img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net;
+connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com
+api.mintlifytrieve.com www.googletagmanager.com cdn.segment.com plausible.io us.posthog.com browser.sentry-cdn.com;
 frame-src 'self' *.mintlify.dev;
 ```
@@ -66,7 +80,7 @@ Create a Response Header Transform Rule:
 - **Header name**: `Content-Security-Policy`
 - **Header value**:
 ```text wrap
- default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net; font-src 'self' d4tuoctqmanu0.cloudfront.net; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net; connect-src 'self' *.mintlify.dev; frame-src 'self' *.mintlify.dev;
+ default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;
 ```
 4. Deploy your rule.
@@ -81,7 +95,7 @@ Add a response headers policy in CloudFront:
 "Config": {
 "SecurityHeadersConfig": {
 "ContentSecurityPolicy": {
- "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net; font-src 'self' d4tuoctqmanu0.cloudfront.net; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net; connect-src 'self' *.mintlify.dev; frame-src 'self' *.mintlify.dev;",
+ "ContentSecurityPolicy": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;",
 "Override": true
 }
 }
@@ -102,7 +116,7 @@ Add to your `vercel.json`:
 "headers": [
 {
 "key": "Content-Security-Policy",
- "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net; font-src 'self' d4tuoctqmanu0.cloudfront.net; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net; connect-src 'self' *.mintlify.dev; frame-src 'self' *.mintlify.dev;"
+ "value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; font-src 'self' d4tuoctqmanu0.cloudfront.net fonts.googleapis.com; img-src 'self' data: blob: d3gk2c5xim1je2.cloudfront.net mintcdn.com *.mintcdn.com cdn.jsdelivr.net; connect-src 'self' *.mintlify.dev *.mintlify.com d1ctpt7j8wusba.cloudfront.net mintcdn.com *.mintcdn.com api.mintlifytrieve.com; frame-src 'self' *.mintlify.dev;"
 }
 ]
 }