mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-02-15 16:04:20 -05:00
1d10ad2247
In https://github.com/alphagov/notifications-admin/pull/1583 we changed our Google Analytics settings to use newer browsers’ `sendBeacon` feature. The advantage of this is that it > [ensures] that the data has been sent during the unloading of a > document [which] is something that has traditionally been difficult > for developers – https://developer.mozilla.org/en-US/docs/Web/API/Navigator/sendBeacon To transmit this data it uses a AJAX request (`XMLHttpRequest`) underneath. AJAX requests are governed by the `connect-src` content security policy (or the `default-src` if one is not present). `connect-src`: > Applies to XMLHttpRequest (AJAX), WebSocket or EventSource. If not > allowed the browser emulates a 400 HTTP status code. – https://content-security-policy.com/ Because we didn’t have one in place, `sendBeacon` requests to GA were getting blocked in browsers that support content security policy (pretty much everything better than IE11[1]). 1. https://caniuse.com/#feat=beacon