I am using the standard Docker based install. In our template we need to include Adobe Tag Manager which is loaded from assets.adobedtm.com. The default CSP headers prevent loading of the script.
How can I add or extend the default CSP headers in a “supported” non-hacky way?
I just need to know how I can add it e.g. during build of the container to be able to automate it…
Do you mean “content security policy script src” in site settings?
And how can I amend e.g. connect-src or other attributes of the policy?