GTM both scripts (script / no-script) in header are working? - google-tag-manager

I have a question for GTM tag.
Actually, the customer put GTM tags (both tags - script /no-script) in the header.
Personally, I think it works well but I am not sure because I have this messages from google tag assistant. (which can verify the tag is working well or not)
enter image description here
Could you give some advice for this one?
I am not sure whether this works just fine or I need to ask customer change something for this one.
Thank you

If you have the option to implement the tag correctly you should. If you are using WordPress you could also use a plug-in.

The purpose of having and tag is ,
tag is used by default to collect analytics on the site and it is placed in header because its a tag(all scripts should be in header) and to collect information immediately when the page starts loading .
The shouldn't be placed in header section because its not a script and only scripts should be in header and also the use of tag is if a user disables the javascript while browsing the site then the no script tag will be used to collect the analytics on the site .
So, the its always good to place script tag in header as high as possible and no script in body as high as possible

Related

Adding Programmable Search through Tag Manager

Is there a way to add the following script, required by Google Programmable Search to Google Tag Manager? Just trying to minimize separate scripts included in my code.
<script async src="https://cse.google.com/cse.js?cx=e14513e5d62xxxxxx"></script>
NM, figured it out. In case someone cares, here's how you do it:
Keep the code part where you want to include your search in the page code.
The above script can be added to GTM via Custom HTML tag. Just drop it there and it's done.
Cheers

Is there a way to get Content Security Policy 2 to work with Google Tag Manager?

I added the Content-Security-Policy header to our servers' responses, but the browser throws errors when Google Tag Manager (GTM) injects Custom HTML tags.
CSP3 has 'strict-dynamic' which appears custom-made for GTM, but currently only Chrome supports it, and CSP3 is a Working Draft.
I wrote code to get the Custom HTML tags via the GTM API, hoping I might take the scripts' hashes and add them to the header, but I found that the JavaScript provided by the API didn't match what GTM was injecting into the DOM, because GTM minifies/obfuscates the scripts before injecting them.
Now I'm wondering if maybe, just maybe, there's a way to tell GTM to add a nonce to each script it injects, but I can't find any documentation to support this hope/fantasy.
Has anyone run into this, and found a way to fix this?
(I can't just extract the hosts from the scripts as mentioned here - How to make Google Tag Manager and Content-Security-Policy coexist? - because the Custom HTML tags added by our Marketing Team are tags with non-empty bodies, not just tags with a source attribute and no body.)

How to apply css to google calender iframe...?

I want to apply css to google calender iframe. I had tried with Jquery but it gives JavaScript security error. However I also tried this link
Got success but many of its links goes to 404 page as it takes my domain as base URL
You will face a security error when you apply css using javascript to an iframe that contains a page in a different domain. but this problem has a workaround by using document.domain if both documents are on the same top level domain, are using the same protocol & you can add the following line of JavaScript to the page in the iframe:
document.domain = "example.com";
the page containing the iframe needs the same line to make the domains match. Once this is in place, the script running on your main page is allowed to access properties of the document in the iframe element –
You cannot apply css to a iFrame ...
An iframe is a 'hole' in your page that displays another web page
inside of it. The contents of the iframe is not in any shape or form
part of your parent page.
From here
The reason behind that is security. If you have blabla.com in one
window and gmail.com in another one, then you’d not want a script from
blabla.com to access or modify your mail or run actions in context of
gmail on your behalf.
From here
If the iFrame is on the same domain and it doesnt violate the "Same-origin policy", you can work around this situation like this:
$('iframe').load( function() {
$('iframe').contents().find("head")
.append($("<style type='text/css'> .my-class{display:none;} </style>"));
});
Solution posted here
Anyway, if you are not violating the "Same-orgin policy", you probably don't want to use an iFrame.

OpenX --- javascript in banners

Does OpenX allow to create banners that contain executable javascript code?
I need Javascript in banner, to process clicks (an another events) on some banner elements.
I'am going to use type of banner invocation --- Javascript Tag
You can choose the type of the banner as "OpenX Generic HTML Banner"
Then write your executable java script codes
Regards,
Chinnu.G
You can also prepend/append any kind of code (html/css/js) through zone and banner settings (advanced tab). I've used this to attach custom google analytics event tracking depending on the zone and banner combination... works like a charm

How to attach html file so that gmail's "view" option works

I have a script that sends an email with an html attachment. When I select "view" in gmail I get text...however when I click on "download" instead of "view", then open it, it displays as it should.
I think it's gmail related because I observe the exact same behavior from IE, FireFox(win/linux), Chrome(win/linux)
I made a youtube video of here:
http://www.youtube.com/watch?v=WkGyxcFQXS8
Am I doing something wrong?
Thanks
Not all email clients support the <style> tag. Gmail is one of those; it only respects in-line styling.
If your code is producing the css & html, then you could change it to use in-line styles for the table.
If you want something more auto-magic, see How do I use Google Apps Script to change a CSS page to one with inline styles?.
One way around this would be to have your script simply host the HTML file somewhere, and email a link to that file.
I cannot find any documentation from Google or the GMail team, but I would be surprised if they allowed HTML attachments to be opened and viewed (this would be a security risk, since they would essentially allow their email servers to host user-generated web content).

Resources