The Content Security Policy module automatically detects the external js file domain from the ga/analytics library, but a policy that implements default-src, image-src, or connect-src will also need to allow the analytics tracking domain.

#2895245: API for modules to alter policy will introduce an event which Googalytics can act on.

Comments

gapple created an issue. See original summary.

  • gapple committed ec73309 on 8.x-1.x 
    Issue #3097993: Implement Content Security Policy alter event subscriber
gapple’s picture

gapple
he/they
Primary language English
commented
Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.