[x/go.dev] all: remove Google Analytics tag in favor of just GTM
+ GTM can be used in place of Google Analytics. Both are not needed. + Generate Content-Security-Policy headers using a Go program instead of manually editing them in the .yaml files. + Add two new entries to the CSP header so that GTM Preview mode will work + Removes some dead code from when the site used the Google Feedback widget Fixes b/157076855 Change-Id: Icdb3e8d3d4619e91cab0f3f1b92f7672c0016c2f X-GoDev-Commit: 43b78e0b541a65d0f42352c62a451ae57917afb6
This commit is contained in:
Andrew Bonventre
Родитель
595f18f9f2
Коммит
a49ec69058
|
|
@ -1 +1,2 @@
|
|||
arrowParens: avoid
|
||||
singleQuote: true
|
||||
|
|
|
|||
|
|
@ -3,44 +3,48 @@ service: learn-go-dev
|
|||
main: ./cmd/frontend
|
||||
|
||||
handlers:
|
||||
- url: /
|
||||
static_files: public/learn/index.html
|
||||
upload: public/learn/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
- url: /
|
||||
static_files: public/learn/index.html
|
||||
upload: public/learn/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
|
|
|||
|
|
@ -3,44 +3,48 @@ service: staging-learn-go-dev
|
|||
main: ./cmd/frontend
|
||||
|
||||
handlers:
|
||||
- url: /
|
||||
static_files: public/learn/index.html
|
||||
upload: public/learn/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
- url: /
|
||||
static_files: public/learn/index.html
|
||||
upload: public/learn/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/learn/\1/index.html
|
||||
upload: public/learn/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
|
|
|||
|
|
@ -3,44 +3,48 @@ service: staging-go-dev
|
|||
main: ./cmd/frontend
|
||||
|
||||
handlers:
|
||||
- url: /
|
||||
static_files: public/index.html
|
||||
upload: public/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
- url: /
|
||||
static_files: public/index.html
|
||||
upload: public/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
|
|
|||
|
|
@ -3,44 +3,48 @@ service: go-dev
|
|||
main: ./cmd/frontend
|
||||
|
||||
handlers:
|
||||
- url: /
|
||||
static_files: public/index.html
|
||||
upload: public/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
- url: /
|
||||
static_files: public/index.html
|
||||
upload: public/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /(explore|learn)/*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Special handler for static content in themes or page bundles.
|
||||
- url: /(.*)\.(png|svg|js|css|jpeg|jpg|xml|html|txt)$
|
||||
static_files: public/\1.\2
|
||||
upload: public/(.*)
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html, special casing the trailing slash.
|
||||
- url: /(.*)/
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
Content-Security-Policy: "default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; frame-ancestors 'none'; connect-src www.google-analytics.com"
|
||||
# Handle arbitrary paths with an index.html
|
||||
- url: /(.*)
|
||||
static_files: public/\1/index.html
|
||||
upload: public/(.*)/index.html
|
||||
http_headers:
|
||||
# Please use cmd/gencsp to generate this.
|
||||
Content-Security-Policy: "connect-src www.google-analytics.com; default-src 'self'; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; frame-ancestors 'none'; frame-src 'self' www.google.com feedback.googleusercontent.com www.googletagmanager.com; img-src 'self' www.google.com www.google-analytics.com ssl.gstatic.com www.gstatic.com data: *; object-src 'none'; script-src 'self' 'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck=' 'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M=' 'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo=' www.google.com www.gstatic.com support.google.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com tagmanager.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com feedback.googleusercontent.com www.gstatic.com tagmanager.google.com;"
|
||||
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
- url: /.*
|
||||
secure: always
|
||||
redirect_http_response_code: 301
|
||||
script: auto
|
||||
|
|
|
|||
|
|
@ -0,0 +1,86 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"sort"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func main() {
|
||||
var ks []string
|
||||
for k := range csp {
|
||||
ks = append(ks, k)
|
||||
}
|
||||
sort.Strings(ks)
|
||||
|
||||
var sb strings.Builder
|
||||
for _, k := range ks {
|
||||
sb.WriteString(k)
|
||||
sb.WriteString(" ")
|
||||
sb.WriteString(strings.Join(csp[k], " "))
|
||||
sb.WriteString("; ")
|
||||
}
|
||||
fmt.Println(sb.String())
|
||||
}
|
||||
|
||||
const (
|
||||
self = "'self'"
|
||||
none = "'none'"
|
||||
unsafeInline = "'unsafe-inline'"
|
||||
)
|
||||
|
||||
var csp = map[string][]string{
|
||||
"connect-src": {
|
||||
"www.google-analytics.com",
|
||||
},
|
||||
"default-src": {
|
||||
self,
|
||||
},
|
||||
"font-src": {
|
||||
self,
|
||||
"fonts.googleapis.com",
|
||||
"fonts.gstatic.com",
|
||||
"data:",
|
||||
},
|
||||
"style-src": {
|
||||
self,
|
||||
unsafeInline,
|
||||
"fonts.googleapis.com",
|
||||
"feedback.googleusercontent.com",
|
||||
"www.gstatic.com",
|
||||
"tagmanager.google.com",
|
||||
},
|
||||
"frame-src": {
|
||||
self,
|
||||
"www.google.com",
|
||||
"feedback.googleusercontent.com",
|
||||
"www.googletagmanager.com",
|
||||
},
|
||||
"img-src": {
|
||||
self,
|
||||
"www.google.com",
|
||||
"www.google-analytics.com",
|
||||
"ssl.gstatic.com",
|
||||
"www.gstatic.com",
|
||||
"data: *",
|
||||
},
|
||||
"object-src": {
|
||||
none,
|
||||
},
|
||||
"script-src": {
|
||||
self,
|
||||
"'sha256-n6OdwTrm52KqKm6aHYgD0TFUdMgww4a0GQlIAVrMzck='", // Google Tag Manager main snippet
|
||||
"'sha256-4ryYrf7Y5daLOBv0CpYtyBIcJPZkRD2eBPdfqsN3r1M='", // Google Tag Manager Preview mode
|
||||
"'sha256-sVKX08+SqOmnWhiySYk3xC7RDUgKyAkmbXV2GWts4fo='", // Google Tag Manager Preview mode
|
||||
"www.google.com",
|
||||
"www.gstatic.com",
|
||||
"support.google.com",
|
||||
"www.googletagmanager.com",
|
||||
"www.google-analytics.com",
|
||||
"ssl.google-analytics.com",
|
||||
"tagmanager.google.com",
|
||||
},
|
||||
"frame-ancestors": {
|
||||
none,
|
||||
},
|
||||
}
|
||||
|
|
@ -13,8 +13,6 @@
|
|||
{{$stylesFP := $styles | fingerprint -}}
|
||||
<link rel="stylesheet" href="{{$stylesFP.RelPermalink}}" integrity="{{$stylesFP.Data.Integrity}}">
|
||||
{{end -}}
|
||||
{{if not .Site.IsServer -}}
|
||||
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-141356704-1"></script>
|
||||
<!-- Google Tag Manager -->
|
||||
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
|
||||
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
|
||||
|
|
@ -22,7 +20,6 @@
|
|||
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
|
||||
})(window,document,'script','dataLayer','GTM-W8MVQXG');</script>
|
||||
<!-- End Google Tag Manager -->
|
||||
{{end -}}
|
||||
<script src="/js/site.js"></script>
|
||||
<title>{{.Title}}{{if not .IsHome}} - {{.Site.Title}}{{end}}</title>
|
||||
{{if (isset .Params "link") -}}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
/**
|
||||
* A bit of navigation related code for handling dismissible elements.
|
||||
*/
|
||||
(function() {
|
||||
(function () {
|
||||
'use strict';
|
||||
|
||||
function registerHeaderListeners() {
|
||||
|
|
@ -38,24 +38,4 @@
|
|||
window.addEventListener('DOMContentLoaded', () => {
|
||||
registerHeaderListeners();
|
||||
});
|
||||
|
||||
// Register feedback listeners.
|
||||
window.addEventListener('load', () => {
|
||||
const buttons = document.querySelectorAll('.js-feedbackButton');
|
||||
buttons.forEach(button => {
|
||||
button.addEventListener('click', sendFeedback);
|
||||
});
|
||||
});
|
||||
|
||||
// Launches the feedback interface.
|
||||
function sendFeedback() {
|
||||
userfeedback.api.startFeedback({ productId: '5131929', bucket: 'Default' });
|
||||
}
|
||||
|
||||
window.dataLayer = window.dataLayer || [];
|
||||
function gtag() {
|
||||
dataLayer.push(arguments);
|
||||
}
|
||||
gtag('js', new Date());
|
||||
gtag('config', 'UA-141356704-1');
|
||||
})();
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче