Menu
I'm using (what looks to me like) new Google Analytics tracking code that I got from my account yesterday. It makes use of some "Global site tag". I've placed it at the top of my , as GA instructs, but I'm getting a cross origin error when loading my page, so GA isn't tracking my site correctly.
This is the exact message:
Access to Script at 'https://www.googletagmanager.com/gtag/js?id={my-id}' from origin '{my website}' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://www.googletagmanager.com' that is not equal to the supplied origin.
The script that is causing this error is included like this
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="//www.googletagmanager.com/gtag/js?id={my-id}"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', '{my-id}');
</script>
That code above is exactly as it comes from Google Analytics, so I'm not sure why it isn't working..
Is anyone able to help?
680
Follow the steps below: Step-1: Install the Google Tag Assistant Chrome extension and then enable it. Step-2: Install the Google Analytics debugger chrome extension and then enable it. The GA debugger reports on error messages and warnings related to your tracking code in the developer console and tag assistant.
To get rid of a CORS error, you can download a browser extension like CORS Unblock. The extension appends Access-Control-Allow-Origin: * to every HTTP response when it is enabled. It can also add custom Access-Control-Allow-Origin and Access-Control-Allow-Methods headers to the responses.
Why is CORS blocked? It is to prevent cross-site request forgery. Let's say you log in to facebook.com and your browser stores the authentication token so that in the future you get logged in automatically. And for every request to the origin facebook.com, these auth-token headers will be present.
To auto link my domains, I select more settings in Google Tag Manager. Then, I navigate to the Cross Domain Tracking drop down. In the auto-linking field, I enter each of my domains in a comma-separated string. After I double-check my settings, I can save my progress to enable my changes.
So far (11/6/2020) the issue does not seem to have been resolved by the GTM dev team to the AMP scripts also... https://support.google.com/tagmanager/thread/15985818?hl=en&msgid=37309069
141
I've run into a similar error myself. If you are new to Google Tag Manager maybe it's because you haven't published the tag manager yet. You can check if this is your case by visiting:
https://tagmanager.google.com
And checking whether the green pane says "Container Not Published"
If this is is your case, then the GTM will not load since it's kind of in "draft" mode and not ready to use.
As soon as you have published your first version, it will start working normally.
If you make any changes to your GTM, remember to publish a new version to see the results in your website.
25
2020-04-24 update Google has apparently fixed this, so the error described in the question should no longer occur, per https://support.google.com/tagmanager/thread/15985818?&msgid=37309069 and as noted in the comments to this answer,
2018-01-18 answer
As far as this error message:
Access to Script at 'googletagmanager.com/gtag/js?id={my-id}' from origin '{my website}' has been blocked by CORS policy
…the only case when you should be seeing that error message is if your script element has a crossorigin attribute; e.g., crossorigin="anonymous".
If you’re not adding that crossorigin="anonymous" attribute in any of your own code, you may be using some CDN system that’s injecting it.
42
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
