Using GoSquared with Content-Security-Policy

The Content-Security-Policy standard allows websites to specify a set of rules governing how content such as scripts may run.

The GoSquared tracking code, being a third-party JavaScript snippet, will need to be included in your CSP directives if you wish to use GoSquared on pages served with CSP headers.

The minimum required directives to include in your CSP policy are:

script-src: https://*

If you are serving pages via HTTP as well as HTTPS, both instances of https:// should be removed from this.

We recommend that you check this page regularly, and subscribe to developer updates in your email preferences, to be notified in advance of any planned changes to this policy that would affect tracking.

Did you find this article helpful?