Changed content security policy for matomo tracking

This commit is contained in:
Kevin Veen-Birkenbach 2023-11-23 15:36:38 +01:00
parent 9b82435a6d
commit dc11daf43d
2 changed files with 7 additions and 3 deletions

View File

@ -1,5 +1,8 @@
# Add CSP header
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self' https://matomo.{{top_domain}}; script-src 'self' 'unsafe-inline' https://matomo.{{top_domain}};";
# sub filters to integrate matomo tracking code in nginx websites
sub_filter '</head>' '<script>{{matomo_tracking_code_one_liner}}</script></head>';
sub_filter '</body>' '<noscript><p><img src="//matomo.veen.world/matomo.php?idsite={{matomo_site_id}}&rec=1" style="border:0;" alt="" /></p></noscript></body>';
sub_filter_once off;
# sub_filter_types text/html; This is standart
sub_filter '</body>' '<noscript><p><img src="//matomo.{{top_domain}}/matomo.php?idsite={{matomo_site_id}}&rec=1" style="border:0;" alt="" /></p></noscript></body>';
sub_filter_once off;

View File

@ -1,3 +1,4 @@
load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so;
worker_processes auto;
events