@franky47 opened this Issue on February 20th 2019

From what I can tell, the CORS settings only apply to the API, the tracking script piwik.js is not served with the Access-Control-Allow-Origin response header.

I would like to use the integrity attribute on the tracker script, to make sure it has not been tampered with, and it requires the resource to be served with CORS headers.

Powered by GitHub Issue Mirror