Add troubleshooting case for micro frontend (#14074)

nikolovlazar · cursoragent · coolguyzone · web-flow · commit 5d39d73d0175 · 2025-06-24T17:37:41.000Z
A new troubleshooting case was added to
`/docs/platforms/javascript/common/session-replay/troubleshooting.mdx`.

* A new `Expandable` component titled "Replay doesn't work in micro
frontend application" was inserted.
* The new section explains that Session Replay issues in micro frontend
applications are often due to Content Security Policy (CSP)
restrictions.
* It advises users to include `worker-src 'self' blob:` in their
`Content-Security-Policy` to allow the SDK to use web workers for
processing replay data.
* Examples for both meta tag and HTTP header CSP configurations are
provided.
* The addition maintains consistency with the existing document
structure and formatting.

---------

Co-authored-by: Cursor Agent &lt;cursoragent@cursor.com&gt;
Co-authored-by: Alex Krawiec &lt;alex.krawiec@sentry.io&gt;
diff --git a/docs/platforms/javascript/common/session-replay/troubleshooting.mdx b/docs/platforms/javascript/common/session-replay/troubleshooting.mdx
@@ -181,3 +181,25 @@ Clicks in replays can appear in the incorrect location due to rendering differen
 
 Text masking of variable-width fonts can also cause this because the size of the masking text ("*") will not necessarily have the same dimensions as the original character it replaced. There is currently no workaround; please [follow this GitHub Issue](https://github.com/getsentry/sentry-javascript/issues/15449) for updates.
 </Expandable>
+
+<Expandable title="I'm not receiving any replays" permalink>
+
+If you're not receiving any Session Replay data, it's likely due to Content Security Policy (CSP) restrictions. This can happen in any application that explicitly sets CSP values. The Session Replay integration uses web workers to process replay data, which requires specific CSP permissions.
+
+To resolve this issue, make sure to include `worker-src 'self' blob:` in your `Content-Security-Policy` header or meta tag. This directive allows the integration to create and use web workers from the same origin (`'self'`) and from blob URLs (`blob:`), which are necessary for the replay functionality to work properly.
+
+For example, if you're setting the CSP via a meta tag:
+
+```html
+<meta http-equiv="Content-Security-Policy" content="default-src 'self'; worker-src 'self' blob:; ...">
+```
+
+Or if you're setting it via an HTTP header:
+
+```
+Content-Security-Policy: default-src 'self'; worker-src 'self' blob:; ...
+```
+
+Without the proper `worker-src` directive, the browser will block the web worker creation, preventing Session Replay from functioning correctly in your application.
+
+</Expandable>
