Open yeldarby opened 1 year ago
yeldarby
commented
1 year ago Actually I see there's a repo that contains these integration scripts here but it's not clear whether I can just add a little proxy script that injects the crossorigin attribute into the scripts coming back 🤔
silesky
commented
1 year ago @yeldarby Thanks for the very well-written issue.
sametaylak
commented
10 months ago any updates on this?
MoonsuCha
commented
8 months ago Could this be a solution (https://www.npmjs.com/package/coi-serviceworker )? Are there any expected problems if we receive segment js through Service Worker?
erwanvivien
commented
8 months ago We are having the exact same problem
Multithreaded Wasm using some SharedArrayBuffer and we can't use Segment on this page due to COOP / COEP
We're working on making our site cross origin isolated to get access to multithreaded WASM, but once we set the headers on our page to
Several of our analytics scripts stop loading.
In order to fix this you have to add a
crossorigin="anonymous"attribute to the script tags.I forked this repo & added this to
packages/browser/src/lib/load-script.jsat line 36:Which worked for the tags that get loaded directly by
analytics-next.Unfortunately for some scripts, like
Amplitude, it looks like they load a script that injects another script which doesn't have thecrossoriginattribute & so fails to load.I was able to set a breakpoint in the debugger & manually inject the attribute:
to verify that this fixes the issue:
But have no way to actually edit the code coming down from this URL
https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gzto persist the change.Could someone at Segment update those remote scripts to inject
crossorigin="anonymous"on tags they're adding whenwindow.crossOriginIsolatedistrue? BesidesAmplitude, it looks like the other integrations we have that are failing aregtag,redditandLinkedIn.