README.mdown in intercom-rails-0.2.29 vs README.mdown in intercom-rails-0.2.30

- old
+ new

@@ -135,10 +135,16 @@ ```html <a id="Intercom">Support</a> ``` +You can customize the CSS selector, by setting + +```ruby + config.inbox.custom_activator = '.intercom-link' +``` + You can read more about configuring the messenger in your applications settings, within Intercom. ### Environments By default Intercom will be automatically inserted in development and production Rails environments. If you would like to specify the environments in which Intercom should be inserted, you can do so as follows: 
@@ -185,9 +191,61 @@ }, { :secret => 'your-apps-api-secret', :widget => {:activator => '#Intercom'} }) %> <% end %> +``` +### Content Security Policy Level 2 (CSP) support +As of version 0.2.30 this gem supports CSP, allowing you to whitelist the include code using both nonces and SHA-256 hashes. +#### Automatic Insertion +CSP support for automatic insertion exposes two namespaces that can be defined by the user via monkey patching: + - String CoreExtensions::IntercomRails::AutoInclude.csp_nonce_hook(controller) + - nil CoreExtensions::IntercomRails::AutoInclude.csp_sha256_hook(controller, SHA-256 whitelist entry) +For instance, a CSP nonce can be inserted using the [Twitter Secure Headers](https://github.com/twitter/secureheaders) gem with the following code: +```ruby +module CoreExtensions + module IntercomRails + module AutoInclude + def self.csp_nonce_hook(controller) + SecureHeaders.content_security_policy_script_nonce(controller.request) + end + end + end +end +``` +or, for whitelisting the SHA-256 hash: +```ruby +module CoreExtensions + module IntercomRails + module AutoInclude + def self.csp_sha256_hook(controller, sha256) + SecureHeaders.append_content_security_policy_directives(controller.request, {script_src: [sha256]}) + end + end + end +end +``` +#### Manual Insertion +CSP is supported in manual insertion as well, the request nonce can be passed as an option: +```erb +<% if logged_in? 
%> + <%= intercom_script_tag({ + :app_id => 'your-app-id', + :user_id => current_user.id, + :email => current_user.email, + :name => current_user.name, + :created_at => current_user.created_at + }, { + :secret => 'your-apps-api-secret', + :widget => {:activator => '#Intercom'}, + :nonce => get_nonce_from_your_csp_framework + }) %> +<% end %> +``` +The SHA-256 hash is available using `csp_sha256` just after generating the tag itself: +```erb +<%= intercom_script_tag %> +<% add_entry_to_csp_whitelist(intercom_script_tag.csp_sha256) %> ``` ## Importing your users To get started faster with Intercom, `IntercomRails` includes a Rake task that will do an initial import of your users: ```
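Review bot: In the first hunk (@@ -135,10 +135,16 @@), the added `config.inbox.custom_activator = '.intercom-link'` line does not say where `config` comes from or how the setting relates to the `:widget => {:activator => '#Intercom'}` option used in the manual-insertion example further down. Suggest naming the file or block this line belongs in and stating that it replaces the selector matching the `<a id="Intercom">` link shown just above. The comma in "You can customize the CSS selector, by setting" should also be dropped.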
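Review bot: In the second hunk (@@ -185,9 +191,61 @@), the last ERB example calls `intercom_script_tag` twice, once to render and once to read `csp_sha256`, so the whitelisted digest belongs to a second tag object rather than the one actually emitted. Suggest generating the tag once and reusing it, for example `<% script_tag = intercom_script_tag(...) %>`, then `<%= script_tag %>` and `<% add_entry_to_csp_whitelist(script_tag.csp_sha256) %>`. That example also passes no arguments while the nonce example above passes user details; since the tag is built from those per-user values, the text should say the hash has to be added on each request rather than as a fixed policy entry. Two documentation points in the same hunk: `get_nonce_from_your_csp_framework` and `add_entry_to_csp_whitelist` read like real helpers and should be marked as placeholders the application supplies, and the hook list describes two methods as "namespaces" with unexplained `String` and `nil` prefixes, which should be spelled out as the expected return values.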