quando utilizzo l’ID del contenitore GTM preparato nelle nostre impostazioni nell’app con l’ID GTM corretto (ad esempio GTM-XYZXYZ) e, naturalmente, aggiungo il dominio specifico alla whitelist (secondo la guida Integrating Google Tag Manager with Google Analytics), riscontro un problema nel caricamento e nel recupero dello script https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js, chiamato dallo script principale gtm.js, con il messaggio GET https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js net::ERR_FAILED e {message: "remote script failed https://d1i8vaoc4ts7hj.cloudf…fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js"}.
Lo stesso problema si verifica anche quando viene chiamato da NetworkFirst.mjs (Uncaught (in promise) no-response: no-response :: [{"url":"https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js"}]).
I had this problem recently and that’s what I did to fix it. I didn’t quite understand why it appeared. I added https: and unsafe-inline. Having it be so permissive seemed to be bypassing something that seems like it should be important, but this is what solved the problem.
It would seem like if Google requires this then the plugin should do it automatically. If my site broke, then I’d think that every site will break (when they upgrade again?).
GTM support isn’t a plugin, it’s a setting in core Discourse. There’s currently a note about CSP in the setting description.
But I’m guessing you’re thinking of the ad plugin, which is another story. It includes multiple ad options, all of them disabled when you install the plugin. Each setting should probably have a note about CSP so people know about it.
I’m guessing so too! I’ve tried not to learn about this. I don’t know the difference between GTM, Adsense, and DFP.
Maybe so. All I know is that a site had the Google Ads working and then there was an upgrade and then the stopped working. I got blamed.
If Google [ad manager|dfp|ad plugin|gtm] requires some CSP setting to change because [Google|Discourse] changed something, it’d be nice to, maybe, create one of those annoying Dashboard notices about it?
