Can Content Security Policy be made compatible with Google Analytics and AdSense?

Question

Does anyone know how to get CSP, even with the default-src wildcard, to work so a modern Analytics script sends website per-page data (not just home page data) to the site o

Answer 1

Or log all error with report-uri for add sources to your CSP.

JSON will POST to that URL (https://example.com/csp/log.php).

Content-Security-Policy: default-src 'self';
report-uri: https://example.com/csp/log.php;