问题
I'm having a difficult time finding the error I may have commit with GA. I developed a site http://farmacia-milenium.com.ar that used the default universal tracking code. For some reason the script is not working and I'm not tracking correctly. I do not know if some code of the site may interrupt the code performance.
Could some one help me?
Regards
回答1:
Google Tag Assistant says the analytics.js script is not available and the console (in Google Chrome, that is) shows an error:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'".
From that it would seem that your content security policy needs to be adapted to allow Google Analytics code to be injected into the page.
回答2:
After a long search I could find the solution for my quest:
Header set X-Content-Type-Options "nosniff" Header set X-XSS-Protection "1; mode=block" Header set X-Frame-Options "SAMEORIGIN" Header set Strict-Transport-Security "max-age=631138519" Header unset Content-Security-Policy Header add Content-Security-Policy-Report-Only "default-src 'self'; font-src data: 'self'; img-src data: http: 'self'; media-src *; object-src 'none'; script-src data: http: 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src *; report-uri http://cspbuilder.info/report/CODE"
来源:https://stackoverflow.com/questions/22920804/google-analytics-universal-code-not-tracking