Right now, the CSP directives include only www.google-analytics.com wrt. educates' Google Analytics integration.
However, when using a GA4-compatible tag, the scripts try to connect to some different source (probably sources), in my case region1.google-analytics.com.
A fix proposed on Slack would be to change the CSP directive to *.google-analytics.com.
Additional information
The error message logged to the browser's console looks like this:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-K7LC27BD7N&<redacted>'
because it violates the following Content Security Policy directive:
"connect-src 'self' *.<redacted> www.google-analytics.com *.clarity.ms c.bing.com *.amplitude.com".
Describe the bug
Right now, the CSP directives include only
www.google-analytics.comwrt. educates' Google Analytics integration. However, when using a GA4-compatible tag, the scripts try to connect to some different source (probably sources), in my caseregion1.google-analytics.com.A fix proposed on Slack would be to change the CSP directive to
*.google-analytics.com.Additional information
The error message logged to the browser's console looks like this: