quando uso o ID do contêiner GTM preparado em nossas configurações no aplicativo com o ID GTM correto (por exemplo, GTM-XYZXYZ) e, claro, adiciono o domínio específico à lista de permissões (de acordo com o manual Integrating Google Tag Manager with Google Analytics), tenho um problema ao carregar e buscar o script https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js, chamado pelo script principal gtm.js, com a mensagem GET https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js net::ERR_FAILED e {message: "remote script failed https://d1i8vaoc4ts7hj.cloudf…fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js"}.
Tenho o mesmo problema em outro caso, chamado de NetworkFirst.mjs (Uncaught (in promise) no-response: no-response :: [{"url":"https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js"}]).
I had this problem recently and that’s what I did to fix it. I didn’t quite understand why it appeared. I added https: and unsafe-inline. Having it be so permissive seemed to be bypassing something that seems like it should be important, but this is what solved the problem.
It would seem like if Google requires this then the plugin should do it automatically. If my site broke, then I’d think that every site will break (when they upgrade again?).
GTM support isn’t a plugin, it’s a setting in core Discourse. There’s currently a note about CSP in the setting description.
But I’m guessing you’re thinking of the ad plugin, which is another story. It includes multiple ad options, all of them disabled when you install the plugin. Each setting should probably have a note about CSP so people know about it.
I’m guessing so too! I’ve tried not to learn about this. I don’t know the difference between GTM, Adsense, and DFP.
Maybe so. All I know is that a site had the Google Ads working and then there was an upgrade and then the stopped working. I got blamed.
If Google [ad manager|dfp|ad plugin|gtm] requires some CSP setting to change because [Google|Discourse] changed something, it’d be nice to, maybe, create one of those annoying Dashboard notices about it?
