Closed groovecoder closed 4 days ago
Google Tag Manager needs script-src: unsafe-inline and worker-src: blob:. I created this branch to test these updates on the dev server.
script-src: unsafe-inline
worker-src: blob:
This fix already works on dev, because API_DOCS_ENABLED is set to True.
API_DOCS_ENABLED
True
For stage & prod, we will need to set two new env vars:
CSP_SCRIPT_UNSAFE_INLINE=True
CSP_WORKER_BLOB=True
/frontend/src/styles/tokens.scss
Google Tag Manager needs
script-src: unsafe-inline
andworker-src: blob:
. I created this branch to test these updates on the dev server.This fix already works on dev, because
API_DOCS_ENABLED
is set toTrue
.For stage & prod, we will need to set two new env vars:
CSP_SCRIPT_UNSAFE_INLINE=True
CSP_WORKER_BLOB=True
How to test on dev:
How to test on stage:
CSP_SCRIPT_UNSAFE_INLINE=True
CSP_WORKER_BLOB=True
/frontend/src/styles/tokens.scss
).~