3

We are using magento 2 with Cloudflare enabled on the website but when we try to install Matomo getting this issue on the browser console -

index.php:1 Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c124171
    7689176015' because it violates the following Content Security Policy directive: 
    "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not 
    explicitly set, so 'default-src' is used as a fallback.

And It is not proper to install getting this SQLSTATE error - enter image description here Does anyone know how to solve this?

Improve this question
2
  • 1
    You'll need to modify your Content Security Policy (wherever that is actually set/configured), to include https://static.cloudflareinsights.com as a valid source.
    – CBroe
    Commented Jun 26 at 10:49
  • 1
    @CBroe is correct, you need to modify the Content Security Policy of your web server apache/nginx. You can also check your current Content Security Policy here: csp-evaluator.withgoogle.com
    – HarisH Sharma
    Commented Jun 26 at 16:14

1 Answer 1

Reset to default
0

You need to whitelist the cloudflare domaine in a csp_whitelist.xml.

for more details, you can check the Magento 2 donc https://developer.adobe.com/commerce/php/development/security/content-security-policies/

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.