Skip to content

About CORS policy CSP configuration

We’ve enable magento 2 CSP module which we used to have disable. We configure all the white list and it works fine for most of the website. We only have issues when users clicks embeded youtube videos, the website show this error:

Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20241009&foc_id=qhnX4jA0A5paNd1v-zEysw&label=followon_view&ptype=no_rmkt&random=264236587&cv_attributed=0' (redirected from 'https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20241009&foc_id=qhnX4jA0A5paNd1v-zEysw&label=followon_view&ptype=no_rmkt&random=264236587') from origin 'https://www.youtube.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

enter image description here

If anyone could help us to add this whitelist, we use apache and magento 2.4.4-p2. Thank you