Instrument JS with copy/pasted snippet

this avoids having to set `unsafe-inline` in our CSP header
2025-12-10 23:23:27 -05:00 · 2023-05-02 15:26:57 -04:00
parent 3f44877c8b
commit 3f13598f70
10 changed files with 36 additions and 2 deletions
--- a/app/config.py
+++ b/app/config.py
@@ -28,6 +28,12 @@ class Config(object):
    BASIC_AUTH_USERNAME = getenv('BASIC_AUTH_USERNAME')
    BASIC_AUTH_PASSWORD = getenv('BASIC_AUTH_PASSWORD')
    NR_ACCOUNT_ID = getenv('NR_ACCOUNT_ID')
    NR_TRUST_KEY = getenv('NR_TRUST_KEY')
    NR_AGENT_ID = getenv('NR_AGENT_ID')
    NR_APP_ID = getenv('NR_APP_ID')
    NR_BROWSER_KEY = getenv('NR_BROWSER_KEY')
    TEMPLATE_PREVIEW_API_HOST = getenv('TEMPLATE_PREVIEW_API_HOST', 'http://localhost:9999')
    TEMPLATE_PREVIEW_API_KEY = getenv('TEMPLATE_PREVIEW_API_KEY', 'my-secret-key')
--- a/app/templates/main_template.html
+++ b/app/templates/main_template.html
@@ -7,9 +7,10 @@
 <html lang="{{ htmlLang | default('en') }}" class="govuk-template {{ htmlClasses }}">
  <head>
    <meta charset="utf-8" />
-    <title>{% block pageTitle %}GOV.UK - The best place to find government services and information{% endblock %}</title>
+    <title>{% block pageTitle %}U.S. Notify{% endblock %}</title>
    <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">
    <meta name="theme-color" content="{{ themeColor | default('#0b0c0c') }}" /> {# Hardcoded value of $govuk-black #}
    {% include "partials/newrelic.html" -%}
    {# Ensure that older IE versions always render with the correct rendering engine #}
    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
--- a/app/templates/partials/newrelic.html
+++ b/app/templates/partials/newrelic.html
--- a/deploy-config/demo.yml
+++ b/deploy-config/demo.yml
@@ -2,3 +2,5 @@ env: demo
 instances: 1
 memory: 1G
 public_admin_route: notify-demo.app.cloud.gov
 nr_agent_id: "1134302465"
 nr_app_id: "1083160688"
--- a/deploy-config/production.yml
+++ b/deploy-config/production.yml
@@ -2,3 +2,5 @@ env: production
 instances: 2
 memory: 1G
 public_admin_route: notify.app.cloud.gov
 nr_agent_id: ""
 nr_app_id: ""
--- a/deploy-config/sandbox.yml
+++ b/deploy-config/sandbox.yml
@@ -9,3 +9,6 @@ SECRET_KEY: sandbox-notify-secret-key
 BASIC_AUTH_USERNAME: sandbox
 BASIC_AUTH_PASSWORD: sandbox
 REDIS_ENABLED: 1
 nr_agent_id: ""
 nr_app_id: ""
 NR_BROWSER_KEY: ""
--- a/deploy-config/staging.yml
+++ b/deploy-config/staging.yml
@@ -2,3 +2,5 @@ env: staging
 instances: 1
 memory: 1G
 public_admin_route: notify-staging.app.cloud.gov
 nr_agent_id: "1134291385"
 nr_app_id: "1031640326"
--- a/manifest.yml
+++ b/manifest.yml
@@ -26,6 +26,12 @@ applications:
      NEW_RELIC_CONFIG_FILE: newrelic.ini
      NEW_RELIC_ENVIRONMENT: ((env))
      NR_ACCOUNT_ID=3389907
      NR_TRUST_KEY=562946
      NR_AGENT_ID=((nr_agent_id))
      NR_APP_ID=((nr_app_id))
      NR_BROWSER_KEY=((NR_BROWSER_KEY))
      REDIS_ENABLED: ((REDIS_ENABLED))
      ADMIN_BASE_URL: https://((public_admin_route))
      API_HOST_NAME: https://notify-api-((env)).apps.internal:61443
--- a/newrelic.ini
+++ b/newrelic.ini
@@ -177,7 +177,7 @@ error_collector.ignore_errors =
 # For those Python web frameworks that are supported, this
 # setting enables the auto-insertion of the browser monitoring
 # JavaScript fragments.
-browser_monitoring.auto_instrument = true
+browser_monitoring.auto_instrument = false
 # A thread profiling session can be scheduled via the UI when
 # this option is enabled. The thread profiler will periodically
--- a/sample.env
+++ b/sample.env
@@ -27,3 +27,8 @@ REDIS_URL=redis://localhost:6379/0
 # New Relic
 NEW_RELIC_CONFIG_FILE=newrelic.ini
 NEW_RELIC_LICENSE_KEY="don't write secrets to the sample file"
 NR_ACCOUNT_ID=3389907
 NR_TRUST_KEY=562946
 NR_AGENT_ID=1134289521
 NR_APP_ID=1013682065
 NR_BROWSER_KEY="don't write secrets to the sample file"