Content Security Policy Error in Chrome with Google Analytics and uBlock Origin
You're seeing that error because you have an ad-blocking extension installed (Ghostery or uBlock Origin) and the extension replaces the google analytics script with an inline base64 script - which is not allowed by your Content Security Policy.
This would work for typical install when the user does NOT have an ad-blocker installed:
Header always set Content-Security-Policy "default-src https://www.google-analytics.com"
But you get an error when you have an ad-blocker installed. To resolve the console error you need to add an additional scheme to the CSP.
Header always set Content-Security-Policy "default-src 'self' data: https://www.google-analytics.com"
Note that the
data: is a scheme modifier of 'self' in this case.
Also note that the
Header always set code refernces are for Apache2 so you'll need to modify the code for whatever server you're using.
Cheers and happy hacking,