You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the Google analytics script is the only inline script in our app, and that's causing our Mozilla Observatory score to be a B instead of an A. It's a minor thing, but we can fix it!
This task is done when...
the Google analytics bootstrap code is moved from index.html to app.js (this will also remove it from dev, which is probably a good thing)
after the new app.js is deployed to production, AWS is updated
the staging and production Lambda functions are updated to remove inline-unsafe from the script-src section of the Content-Security-Policy header
new versions of the staging and production functions are deployed
the staging and production CloudFront distributions are updated with the new Lambda functions' ARNs (CloudFront -> Edit distribution -> Behaviors -> update each existing behavior)
The text was updated successfully, but these errors were encountered:
Currently the Google analytics script is the only inline script in our app, and that's causing our Mozilla Observatory score to be a B instead of an A. It's a minor thing, but we can fix it!
This task is done when...
index.html
toapp.js
(this will also remove it from dev, which is probably a good thing)app.js
is deployed to production, AWS is updatedinline-unsafe
from thescript-src
section of theContent-Security-Policy
headerThe text was updated successfully, but these errors were encountered: