<!-- Google Tag Manager -->
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','GTM-XXXX');</script>
<!-- End Google Tag Manager -->
I’m following the instructions here to add GTM to discourse. I’ve removed the GA ID as stated in the article, as well as added https://www.googletagmanager.com to our allowlist.
Hey @Lilly! I didn’t see that topic in particular, but I did follow the documentation that it links to. I’ve allowlisted https://www.googletagmanager.com
I’ll need to reach out to the team that handles these scripts and mention nonce handling as well, thanks for pointing these out!
Odd, with either https://www.googletagmanager.com or https://*.googletagmanager.com allowlisted there aren’t any CSP related errors for the GTM script in particular in Brave nor Safari, just Chrome and Firefox.