If you add that code directly in your website having this CSP in your website:
Content-Security-Policy: default-src 'self' https://app.cobrowser.com;
Then the Conversationi24 initialization script will never be executed because the CSP only allows loading files from your own domain
self or from
https://app.cobrowser.com but it does not allow inline scripts.
For instance you can create a new file in your web server called
conversation24.js and add the content between
<script> </script> tags into that file.
After that the Conversation24 script will be loaded and executed because it's loaded from your own website according to the CSP
self in the