Skip to content

Commit

Permalink
Add Scarf.sh pixel - open source analytics & marketing intelligence
Browse files Browse the repository at this point in the history
  • Loading branch information
@atodorov
atodorov committed Feb 2, 2025
1 parent 87dd61f commit 7240542
Show file tree
Hide file tree
Showing 5 changed files with 11 additions and 4 deletions.
2 changes: 1 addition & 1 deletion etc/nginx.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ http {
}

# WARNING: make sure these match tcms.core.middleware.ExtraHeadersMiddleware
add_header Content-Security-Policy "script-src 'self' cdn.crowdin.com *.ethicalads.io plausible.io;";
add_header Content-Security-Policy "script-src 'self' cdn.crowdin.com *.ethicalads.io plausible.io static.scarf.sh;";

server {
listen 8080;
Expand Down
2 changes: 1 addition & 1 deletion tcms/core/middleware.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ class ExtraHeadersMiddleware(MiddlewareMixin):
def process_response(self, request, response):
if settings.DEBUG:
response.headers["Content-Security-Policy"] = (
"script-src 'self' cdn.crowdin.com *.ethicalads.io plausible.io;"
"script-src 'self' cdn.crowdin.com *.ethicalads.io plausible.io static.scarf.sh;"
)

if request.path.find("/uploads/") > -1:
Expand Down
3 changes: 3 additions & 0 deletions tcms/settings/common.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -589,3 +589,6 @@

# https://plausible.io/kiwitcms-container
PLAUSIBLE_DOMAIN = "kiwitcms-container"

# https://app.scarf.sh/analytics/kiwitcms?pixelId=d7cc874e-5b3b-409f-bb20-bb1e410cdcb0
SCARF_PIXEL_ID = "d7cc874e-5b3b-409f-bb20-bb1e410cdcb0"
4 changes: 4 additions & 0 deletions tcms/templates/base.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,5 +66,9 @@

{% block contents %}{% endblock %}
{% include 'include/ads.html' %}

{% if SETTINGS.ANONYMOUS_ANALYTICS %}
<img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid={{ SETTINGS.SCARF_PIXEL_ID }}">
{% endif %}
</body>
</html>
4 changes: 2 additions & 2 deletions tests/test_http.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,8 +93,8 @@ _EOF_
rlPhaseEnd

rlPhaseStartTest "Should send Content-Security-Policy header"
rlRun -t -c "curl -k -D- $HTTPS 2>/dev/null | grep $'Content-Security-Policy: script-src \'self\' cdn.crowdin.com \*.ethicalads.io plausible.io;'"
rlRun -t -c "curl -k -D- $PROXY 2>/dev/null | grep $'Content-Security-Policy: script-src \'self\' cdn.crowdin.com \*.ethicalads.io plausible.io;'"
rlRun -t -c "curl -k -D- $HTTPS 2>/dev/null | grep $'Content-Security-Policy: script-src \'self\' cdn.crowdin.com \*.ethicalads.io plausible.io static.scarf.sh;'"
rlRun -t -c "curl -k -D- $PROXY 2>/dev/null | grep $'Content-Security-Policy: script-src \'self\' cdn.crowdin.com \*.ethicalads.io plausible.io static.scarf.sh;'"
rlPhaseEnd

rlPhaseStartTest "Should not execute inline JavaScript"
Expand Down

0 comments on commit 7240542

Please sign in to comment.