Updated csp policies to match ga documentation (#57)

ONSdigital · Nov 13, 2024 · 16ededc · 16ededc
1 parent bcec391
commit 16ededc
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/rh_ui/security.py b/rh_ui/security.py
@@ -1,4 +1,5 @@
 from flask import Blueprint
+
 CSP = {
     'default-src': [
         "'self'",
@@ -17,12 +18,16 @@
     'connect-src': [
         "'self'",
         'https://cdn.ons.gov.uk',
-        'https://*.google-analytics.com/'
+        'https://*.google-analytics.com/',
+        "https://*.analytics.google.com",
+        "https://*.googletagmanager.com"
     ],
     'img-src': [
         "'self'",
         'data:',
-        'https://cdn.ons.gov.uk'
+        'https://cdn.ons.gov.uk',
+        "https://*.google-analytics.com",
+        "https://*.googletagmanager.com"
     ],
 }