CDN & Brand Configuration
How the starti.app SDK is distributed via CDN and how brand-specific configuration works
CDN & Brand Configuration
The starti.app SDK is served from a CDN at cdn.starti.app. Each brand gets its own URL namespace containing a customized bundle with brand-specific configuration baked in. This page explains how the distribution model works and what the brand name represents.
The CDN URL pattern
https://cdn.starti.app/c/{BRAND_NAME}/main.js
https://cdn.starti.app/c/{BRAND_NAME}/main.css{BRAND_NAME} is the brand identifier you set up in the starti.app Manager. It is a unique string that identifies your app and its configuration.
When you load the SDK from this URL, you receive a bundle that includes:
- The core starti.app SDK (the same for all brands)
- Your brand-specific configuration (colors, domains, modules, features)
- Any enabled factory modules (smart banners, intro flows, push notification buttons, etc.)
This means the SDK is ready to use with your settings as soon as the script loads — no additional configuration API calls are needed.
How builds work
When you update your brand configuration in the starti.app Manager, the factory rebuilds your brand bundle and uploads it to the CDN. The build process:
- Fetches the latest SDK version from a central repository
- Reads your brand configuration from the database
- Generates a brand-specific bundle combining the SDK with your configuration
- Uploads the result to
cdn.starti.app/c/{BRAND_NAME}/
This happens automatically — you do not need to trigger builds manually.
Brand registration
Brands are created and managed in the starti.app Manager. When you create a brand, you configure:
- Brand name / ID — The unique identifier used in CDN URLs
- App URL — The web application URL your native app loads
- Internal domains — Domains that stay inside the app's webview
- Theme — Primary and secondary colors
- Modules — Optional features like smart banners, intro flows, cookie clickers
- Store configuration — App Store and Google Play IDs
The brand ID is the key that ties your CDN bundle, your native app, and your manager configuration together.
In production CDN bundles are cached for up to 10 minutes. After you update your configuration in the Manager, changes propagate once the cache expires. Once a new version is published, the cache is disabled for the rest of the day.
Content Security Policy (CSP)
If your web application uses a Content Security Policy, you need to allow the starti.app CDN domain. Add these directives to your CSP header or <meta> tag:
script-src https://cdn.starti.app;
style-src https://cdn.starti.app;
connect-src https://api.starti.app;Full CSP example
<meta
http-equiv="Content-Security-Policy"
content="
default-src 'self';
script-src 'self' https://cdn.starti.app;
style-src 'self' https://cdn.starti.app;
connect-src 'self' https://api.starti.app;
img-src 'self' data: blob:;
"
/>CSP directives summary
| Directive | Required value | Reason |
|---|---|---|
script-src | https://cdn.starti.app | SDK JavaScript bundle |
style-src | https://cdn.starti.app | SDK stylesheet |
connect-src | https://api.starti.app | SDK API calls (push notifications, analytics, etc.) |
img-src | data: blob: | Captured images (camera, file inputs) displayed as object URLs |
If you do not use a CSP header, no action is needed — the SDK works without one.
TypeScript types
The CDN bundle does not include TypeScript types. If you use TypeScript, install the starti.app npm package for type definitions. See TypeScript Support for details.