Problem with CSP

Hi @kuba,

We are currently implementing a like-wise CSP header and have the exact same issue on our server end when trying to implement the piwik pro script.

The script-src looks like this:

script-src-elem ‘self’ ‘nonce-VALUE’;\

The error message in our browser log:

“Refused to execute inline script because it violates the following Content Security Policy directive: …”

We do not face issues when tracking on localhost.

Thank you in advance.

Hi. Did you follow this guide? Content Security Policy (CSP) — Piwik PRO Analytics Suite 17.6 documentation

Thank you for your quick response @kuba

After checking the documentation and updating the script to the async snippet, we still face the same error when testing on our not-local environment.

Could you provide us with the URL of the instance you are referring to? You can leave it here under the thread or send it to me via private message.