Content Security Policy: Page settings prevented loading of resource when having Google and Matomo analytics in the same node.js application
I'm very new with node.js, but I was told to add matomo analytics into node.js application that already has google analytics. The purpose is to have them both at least in the beginning.
With the below I get error message : Content Security Policy: Page settings prevented loading of resource from https://cdn.matomo.cloud/<mySite>.matomo.cloud/container_<myContainer>.js ("script-src").
My code in index.pug:
doctype html
html(lang="fi")
head
meta(charset="UTF-8")
meta(http-equiv="X-UA-Compatible", content="IE=edge")
meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
meta(name="host", content="Azure")
link(rel="icon", href="omatalous/public/media/favicon.ico")
<!-- Azure -->
title Oma talous -laskuri
if enableAnalytics
<!-- Global site tag (gtag.js) - Google Analytics -->
- var src = 'https://www.googletagmanager.com/gtag/js?id=' + gaTrackingId;
script(async src=src)
script.
window.gaTrackingId = '#{gaTrackingId}';
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', window.gaTrackingId, {
'page_title' : 'Intro'
});
block styles
link(rel="stylesheet", href='omatalous/public/core.min.css')
- var src = 'https://cdn.matomo.cloud/<mySite>.matomo.cloud/container_<myContainer>.js'
script(async src=src)
script.
var _mtm = window._mtm = window._mtm || [];
_mtm.push({'mtm.startTime': (new Date().getTime()), 'event': 'mtm.Start'});
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src='https://cdn.matomo.cloud/<mySite>.matomo.cloud/container_<myContainer>.js'; s.parentNode.insertBefore(g,s);
How can I get rid of this error message ?
Edit: Console logs from Chrome: 
Solution
Found the solution from here: https://content-security-policy.com/script-src/. So I just needed to copy the matomo script into a file and insert https://mySite.matomo.cloud into this already existing string: connectSrc: "'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://<mySite>.matomo.cloud"
- How to fix Lambda function timeout when interacting with DynamoDB using AWS SDK v3 in Node.js?
- Why does getMetadata().size show 20 bytes for an empty file in Google Cloud Storage?
- Send Sendgrid Email Without Subject
- Why is my Node.js server returning a 404 error for valid routes?
- Why doesn't npm update install the latest nodemon version?
- ng serve: Cannot find module 'tapable'
- Rijndael implementation in NodeJs not working the same as C# or Java
- punycode is deprecated in npm - what should I replace it with?
- Error message "node: --openssl-legacy-provider is not allowed in NODE_OPTIONS"
- How to find npm duplicate packages?
- How to fix 'Error: querySrv EREFUSED' when connecting to MongoDB Atlas?
- Pug is not correctly generating the HTML even with the correct pug indentation
- Chai/Node.js: Expect(value).to.be.NaN issue
- KDBXWeb Saving database works in browser, fails in UnitTest
- Cannot Install NPM Package - Code 128 An unknown git error occurred
- Node.js fs.readdir recursive directory search
- How to update "updatedAt" manually?
- Can't connect Node.js to remote database MariaDB
- How do I export an array with module.exports in node js?
- SOAP/AXL Request to CUCM Fails with Node.js
- NestJS: Type 'NestFastifyApplication' does not satisfy the constraint 'INestApplication'
- Extend Express Request object using Typescript
- How to get the name of forum post : discord.js
- MongoNetworkError: AggregateError has an empty errors array
- Sharp image library rotates image when resizing?
- api integration test code generation from swagger spec
- Puppeteer : How to install puppeteer on ec2 server
- JSDoc + Mongoose : how to document Mongoose models?
- How to generate the _grpc_pb.d.ts from a proto file for use with gRPC in a Node app?
- How to avoid explicitly acquiring access tokens when calling Microsoft Graph API in Node.js?