Dynamic CSP Content Security Policy with workers
Hi, I'm injecting the CSP using a Cloudflare worker, the CSP allows loading images from google.com. The issue is when I open the page in Ecuador the CSP blocks an image because the image URL is google.com.ec/ref/... (it is loading from the google's ecuadorian subdomain). This is because Google Analitycs uses the regional domain to load the tracking pixel. How can I update the worker to get the google domain's country of the request e.g. (if Ecuador => google.com.ec) So I can add it to the CSP.
1 Reply
Hi sure, what have you tried? what's your site name? How do you add the script tags in your site? @arclight