diff options
-rw-r--r-- | Bugzilla/CGI.pm | 8 | ||||
-rw-r--r-- | extensions/GoogleAnalytics/web/js/analytics.js | 1 |
2 files changed, 7 insertions, 2 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index 03805ad1e..dbcb3ef68 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -39,11 +39,13 @@ sub DEFAULT_CSP { script_src => [ 'self', 'nonce', 'unsafe-inline', 'https://www.google-analytics.com' ], frame_src => [ 'none', ], worker_src => [ 'none', ], - img_src => [ 'self', 'https://secure.gravatar.com', 'https://www.google-analytics.com' ], + img_src => [ 'self', 'https://secure.gravatar.com' ], style_src => [ 'self', 'unsafe-inline' ], object_src => [ 'none' ], connect_src => [ 'self', + # This is for extensions/GoogleAnalytics using beacon or XHR + 'https://www.google-analytics.com', # This is from extensions/OrangeFactor/web/js/orange_factor.js 'https://treeherder.mozilla.org/api/failurecount/', ], @@ -70,9 +72,11 @@ sub SHOW_BUG_MODAL_CSP { my ($bug_id) = @_; my %policy = ( script_src => ['self', 'nonce', 'unsafe-inline', 'unsafe-eval', 'https://www.google-analytics.com' ], - img_src => [ 'self', 'https://secure.gravatar.com', 'https://www.google-analytics.com' ], + img_src => [ 'self', 'https://secure.gravatar.com' ], connect_src => [ 'self', + # This is for extensions/GoogleAnalytics using beacon or XHR + 'https://www.google-analytics.com', # This is from extensions/OrangeFactor/web/js/orange_factor.js 'https://treeherder.mozilla.org/api/failurecount/', ], diff --git a/extensions/GoogleAnalytics/web/js/analytics.js b/extensions/GoogleAnalytics/web/js/analytics.js index 25f7d7527..86f1f2592 100644 --- a/extensions/GoogleAnalytics/web/js/analytics.js +++ b/extensions/GoogleAnalytics/web/js/analytics.js @@ -15,6 +15,7 @@ $(function() { ga('set', 'anonymizeIp', true); ga('set', 'location', meta.data('location')); ga('set', 'title', meta.data('title')); + ga('set', 'transport', 'beacon'); // Track page view ga('send', 'pageview'); } |