From 16ededcf141c97187f8b98d546a10c162c6f2275 Mon Sep 17 00:00:00 2001
From: ryangrundy7 <35301276+ryangrundy7@users.noreply.github.com>
Date: Wed, 13 Nov 2024 08:41:49 +0000
Subject: [PATCH] Updated csp policies to match ga documentation (#57)

---
 rh_ui/security.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/rh_ui/security.py b/rh_ui/security.py
index 7761a3e..977968c 100644
--- a/rh_ui/security.py
+++ b/rh_ui/security.py
@@ -1,4 +1,5 @@
 from flask import Blueprint
+
 CSP = {
     'default-src': [
         "'self'",
@@ -17,12 +18,16 @@
     'connect-src': [
         "'self'",
         'https://cdn.ons.gov.uk',
-        'https://*.google-analytics.com/'
+        'https://*.google-analytics.com/',
+        "https://*.analytics.google.com",
+        "https://*.googletagmanager.com"
     ],
     'img-src': [
         "'self'",
         'data:',
-        'https://cdn.ons.gov.uk'
+        'https://cdn.ons.gov.uk',
+        "https://*.google-analytics.com",
+        "https://*.googletagmanager.com"
     ],
 }