Using ga-audiences on sites that have CSP headers[ Edited ]
November 2015 - last edited November 2015
I'm trying to implement ga-audiences on a site that uses Content-Security-Policy headers.
The audience is tracked via an image pointing to 'https://www.google.com/ads/ga-audiences?...' which wouldn't be a problem to allow if it wouldn't be a different top level domain depending on the users country.
Using a proxy the German URL f.e. the pixel first loads the .com domain but that redirects to: 'https://www.google.de/ads/ga-audiences?...' which can't be accessed anymore.
It's not possible to include all 200 google domains in the CSP due to header-length.
Please advice how one can keep their site secure while still using GA custom audiences.
Re: Using ga-audiences on sites that have CSP headers
But in the end we just went with DFP audiences instead of GA as they work more reliably and cover more of our use case.