src/module-elasticsuite-analytics/etc/csp_whitelist.xml
<?xml version="1.0"?>
<!--
/**
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade Smile ElasticSuite to newer
* versions in the future.
*
* @category Smile
* @package Smile\ElasticsuiteAnalytics
* @author Vadym Honcharuk <vahonc@smile.fr>
* @copyright 2021 Smile
* @license Open Software License ("OSL") v. 3.0
*/
-->
<csp_whitelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Csp/etc/csp_whitelist.xsd">
<policies>
<policy id="script-src">
<values>
<!-- Google -->
<value id="google" type="host">*.google.com</value>
<!-- G Static -->
<value id="g-static" type="host">*.gstatic.com</value>
</values>
</policy>
<policy id="style-src">
<values>
<!-- Google APIs -->
<value id="google-apis" type="host">*.googleapis.com</value>
<!-- G Static -->
<value id="g-static" type="host">*.gstatic.com</value>
</values>
</policy>
<policy id="font-src">
<values>
<!-- G Static -->
<value id="g-static" type="host">*.gstatic.com</value>
<!-- Data Scheme - Base64 Encoded Fonts -->
<value id="data-font" type="host">'self' data:</value>
</values>
</policy>
<policy id="img-src">
<values>
<!-- Data Scheme - Base64 Encoded Images -->
<value id="data-image" type="host">'self' data:</value>
</values>
</policy>
<policy id="connect-src">
<values>
<!-- Google Analytics -->
<value id="google-analytics" type="host">*.google-analytics.com</value>
</values>
</policy>
<policy id="default-src">
<values>
<!-- Google APIs -->
<value id="google_fallback" type="host">*.googleapis.com</value>
</values>
</policy>
</policies>
</csp_whitelist>