Content security policy headers when using Matomo or Google analytics

I wrote a blog post Content security policy headers when using Matomo or Google analytics.

And have updated my frjo/hugo-theme-zen to not have inline code for Matomo analytic. The blog post describe how to do it for Google analytic as well.

There is some discussion around CSP and static sites here:

1 Like