GTM 使用エラー

Tomiikcz · 2020 年 1 月 20 日午後 8:57

皆様、こんにちは。

アプリの設定で正しい GTM ID（例：GTM-XYZXYZ）を含む gtm container id を準備して使用し、かつ特定のドメインをホワイトリストに追加した場合（Integrating Google Tag Manager with Google Analytics のマニュアルに従って）、以下の問題が発生します。

gtm.js のコアスクリプトから呼び出される https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js スクリプトの読み込みと取得に失敗し、エラーメッセージ GET https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js net::ERR_FAILED および {message: "remote script failed https://d1i8vaoc4ts7hj.cloudf…fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js"} が表示されます。

同様の問題が、NetworkFirst.mjs から呼び出された際にも発生します（Uncaught (in promise) no-response: no-response :: [{"url":"https://d1i8vaoc4ts7hj.cloudfront.net/5e3fcb4db448a78908a4671b6fb685c7acd13fa3_10854/dist/js-extra/VisitorAPI.js"}]）。

どなたかアドバイスをお願いできませんでしょうか。

よろしくお願いいたします。
T

neil · 2020 年 1 月 20 日午後 9:46

Can you try adding 'unsafe-inline' as Google’s support doc says? If it works, I can add it to our howto instructions.

Tomiikcz · 2020 年 1 月 21 日午前 10:55

So I should insert 'unsafe-inline' https://www.googletagmanager.com to content security policy script src array?

Maybe I don’t understand your reply. But it doesn’t work for me.

neil · 2020 年 1 月 21 日午後 3:08

Yes, that’s what their doc says needs to be added.

If that’s not permissive enough, you can try allowing anything starting with “https”.

pfaffman · 2020 年 1 月 21 日午後 6:31

I had this problem recently and that’s what I did to fix it. I didn’t quite understand why it appeared. I added https: and unsafe-inline. Having it be so permissive seemed to be bypassing something that seems like it should be important, but this is what solved the problem.

It would seem like if Google requires this then the plugin should do it automatically. If my site broke, then I’d think that every site will break (when they upgrade again?).

neil · 2020 年 1 月 21 日午後 8:11

GTM support isn’t a plugin, it’s a setting in core Discourse. There’s currently a note about CSP in the setting description.

But I’m guessing you’re thinking of the ad plugin, which is another story. It includes multiple ad options, all of them disabled when you install the plugin. Each setting should probably have a note about CSP so people know about it.

pfaffman · 2020 年 1 月 21 日午後 8:18

I’m guessing so too! I’ve tried not to learn about this. I don’t know the difference between GTM, Adsense, and DFP.

Maybe so. All I know is that a site had the Google Ads working and then there was an upgrade and then the stopped working. I got blamed.

If Google [ad manager|dfp|ad plugin|gtm] requires some CSP setting to change because [Google|Discourse] changed something, it’d be nice to, maybe, create one of those annoying Dashboard notices about it?

トピック		返信	表示
Cant get google tag manager to work Data & reporting analytics	6	1743	2023 年 9 月 29 日
Google Tag Manager (gtm) script blocked by CSP Data & reporting analytics	4	5363	2023 年 7 月 3 日
GTM Refused to load the script because it violates the Content Security Policy Data & reporting	3	3652	2021 年 6 月 16 日
Trying to enable Google Analytics GA4 Support analytics	2	67	2025 年 7 月 3 日
Can't get script tag to work in landing pages plugin due to content-security-policy Support	5	164	2025 年 7 月 1 日

GTM 使用エラー

関連トピック