A2P 10DLC Campaign Vetting Delays: Twilio cannot approve 10DLC Campaigns ourselves, and must rely on third parties who control our connections to carriers to sign off. These external processes are creating several week delays for our customers. We continue to escalate these issues and are working to reduce delays wherever possible. Further details will be shared in the Campaign Vetting Changes article as they become available.

Twilio Console Frame Blocking

On May 24, 2021, Twilio is implementing a new Content-Security-Policy header on all twilio.com pages pages to prevent them from being viewed in a frame. This guide explains why we're making this change, and what differences users may see going forward.

For full details, see Twilio Is Implementing Content Security Policy (Twilio Blog).

What is a Frame, and why are we blocking it?

Third party sites may use iFrameOptions or other framing methodologies to display a different web page within their own site. This "frame" can allow malicious actors to harvest customer data, posing an unnecessary risk for Twilio customers accessing Console in this manner. As a security precaution, Twilio is implementing a Content Security Policy header to block all third party framing of twilio.com sites, including our Console account management site.

What do I need to do?

After this change, any third party sites that allow you to view twilio.com sites from a frame will no longer work. Users can view this content directly at www.twilio.com.

Have more questions? Submit a request
Powered by Zendesk