Hi All,
I'm working on CSP (Content Security Policy) for handling errors. I have enabled the CSP in my DEV environment and got an error ('https://www.google-analytics.com/analytics.js') in my application while adding script during loading the hope page.
I know this can be handled in this. But how and what do I need to mention in the Base-Uri? Please advise me on this. Any help will be appreciated.
Thanks
Prince
Hi Prince,
Use below settings to allow google analytics to render
script-src: https://www.google-analytics.com https://ssl.google-analytics.com img-src: https://www.google-analytics.com connect-src: https://www.google-analytics.com
Below is the documentation for same
https://developers.google.com/tag-platform/tag-manager/web/csp
Best Regards
Devendra
Thanks for replying, Devendra.
Should I need to mention these settings in Base-Uri section.
Regards
No in CSP settings you have separate option for each section for example connect-src
Like this.
then Apply and Save the changes.
Yes correct
Should I need to add "self" before using any links here? Getting this while applying the changes.
Yes that would load all resources from self domain that is your current domain as well as your google analytics.