Tealium tag implementation for our shopify app

mkarthique
New Member
12 0 0

Hi,

We are trying to implement the Tealium for our shopify public app which we are developing .  Once the required scripts are loaded in the app, we are facing the below exception in the UI.
Shopify appears to block the tealium from loading citing violation of security.

When attempting to launch Web Companion from Tealium Tools Plugin, we are getting the below error

launchWebCompanion.min.js:1 Refused to load the script 'https://tags.tiqcdn.com/utui/utui.tagcompanion.js?v=0.015982649975507357' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.shopify.com cdn.shopifycdn.net *.shopifycs.com d2c7xlmseob604.cloudfront.net www.google-analytics.com stats.g.doubleclick.net app.myshopify.io app.myshopify.com c.paypal.com www.paypal.com appcenter.intuit.com mpsnare.iesnare.com api.stripe.com js.stripe.com maps.googleapis.com js.braintreegateway.com www.youtube.com s.ytimg.com".

Appreciate any help for resolving this issue or any details for the Tealium implementation. 

Thanks,

Nithin

 

0 Likes
_JB
Shopify Staff
Shopify Staff
750 86 163

Hey @mkarthique,

In order to investigate further, can you kindly provide a shop_id or url where the issue can be observed? 

JB | Developer Support @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

0 Likes
mkarthique
New Member
12 0 0
Hi,

?

We have our public app InsureShield-Dev installed in our test store https://teststoredev003.myshopify.com/.?We are implementing tealium tag management for our app.
If tealium tools extension is added to google chrome, and if tried to access using web companion option of this extension, I am getting an error

launchWebCompanion.min.js:1 Refused to load the script 'https://tags.tiqcdn.com/utui/utui.tagcompanion.js?v=0.783937876212335'
because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'
cdn.shopify.com cdn.shopifycdn.net *.shopifycs.com d2c7xlmseob604.cloudfront.net www.google-analytics.com stats.g.doubleclick.net app.shopify.com
app.myshopify.com c.paypal.com www.paypal.com appcenter.intuit.com mpsnare.iesnare.com api.stripe.com js.stripe.com maps.googleapis.com
js.braintreegateway.com www.youtube.com s.ytimg.com".
Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.


[cid:48577150-1b05-401b-b33a-0e321dee7e93]


[cid:5bdeb50d-43f9-4aca-8952-050fe32e142d]


Below is the code where tealium scripts are added:




UPSC APP
<meta charset="utf-8" />




- tealium url



tealium scripts added in local









Thanks Nithin
0 Likes