@topcnm opened this Issue on December 9th 2021

Page Overlay loads the page that i want to tracking correctly, however with no bubbles in page.

Current Behavior

The console log give errors as below:
Refused to frame '<My URL I am tracking>' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback

Possible Solution

Steps to Reproduce (for Bugs)

  1. I have followed the steps that given by nginx example to set up my own matomo website with docker-compose
  2. Embed the track code in My URL
  3. Set My URL as trusted_hosts
  4. The matomo collects the tracking infomation correctly but page overly

Your Environment

  • Matomo Version: matomo:fpm-alpine
  • Server Operating System: CentOs 7
  • Additionally installed plugins:
  • Browser:
  • Operating System:
@bx80 commented on December 16th 2021 Contributor

Hi @topcnm, thanks for contacting us.

Do you have Cross Origin Resource Sharing configured? https://matomo.org/faq/how-to/faq_18694/

@topcnm commented on December 28th 2021

Thanks fro your reply.
I have set domain with (Administration > System > General settings), then config the websites( that i want to track) nginx by `add_header Access-Control-Allow-Origin ;`
however, it does not help. When I open the page overlay, it gives the same error still, and the left side keeps on loading.

@bx80 commented on January 4th 2022 Contributor

@topcnm You might need to adjust the nginx content security policy rule to allow Matomo to iframe your website.

I can't give you the exact changes as I don't know your configuration, but it would look something like add_header Content-Security-Policy “frame-src ‘self’ your-matomo-domain.com”

Powered by GitHub Issue Mirror