Refused to load the script Piwik Pro

pascal · September 26, 2022, 11:09am

Hi,
I’m facing an issue implementing ecommerce tracking on a website.
When we arrive on the confirmation page, the piwik pro script seems to be blocked.
I don’t understand why.
Maybe somebody already met this issue ?
Thank you
Pascal

Refused to load the script 'https://XXXXXXX.containers.piwik.pro/7ed792f8-a8ac-4528-b301-7e931b251e71.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.avada.io https://googleads.g.doubleclick.net https://t4.my-probance.one/webtrax/rsc/podowell.js https://www.googletagmanager.com/gtm.js https://bat.bing.com https://static.hotjar.com/c/hotjar-1751513.js https://script.hotjar.com https://connect.facebook.net https://www.googletagmanager.com/gtag/js https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__fr.js https://script.hotjar.com/modules.909c20fd8721306b1fa9.js https://bat.bing.com/p/action/22018159.js https://script.hotjar.com/modules.19e5fee3eaef277c9b64.js https://script.hotjar.com/modules.54959b9c945092ba123f.js https://js.api.here.com/v3/3.1/mapsjs-core.js https://js.api.here.com/v3/3.1/mapsjs-service.js https://js.api.here.com/v3/3.1/mapsjs-ui.js https://js.api.here.com/v3/3.1/mapsjs-mapevents.js https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js https://bat.bing.com/p/action/5891144.js https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__fr.js https://www.gstatic.com https://www.googletagmanager.com tagmanager.google.com https://cdnjs.cloudflare.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com api.payplug.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

mbaersch · September 26, 2022, 3:16pm

Hi,

your confirmation page seems to be served by a different host with a Content Security Policy (CSP, Content Security Policy (CSP) - HTTP | MDN) that only allows to load scripts from specific domains - and .containers.piwik.pro seems not to be part of that list.

If all pages were served from the same host, this message would appear on all other pages before the confirmation, too. So you will have to find someone who can edit the CSP for the “checkout domain” and add your container (and I guess the tracking endpoint .piwik.pro as well) in order to make everyting work.

best,
Markus

pascal · September 27, 2022, 9:46am

Thank you for your your answer.
Best regards
Pascal

Topic		Replies	Views
Get error blocked by client Data collection and tags	2	134	October 31, 2023
Problem with CSP Data collection and tags	3	184	July 26, 2023
No any results (i'm using Webnode) Data collection and tags	6	248	May 15, 2023
Piwik not tracking Data collection and tags	2	110	May 26, 2023
Error caused by tracking script when accessing local html Data collection and tags	9	1017	April 28, 2021

Refused to load the script Piwik Pro

Related Topics