如何设置“安全"Google Analytics Global Site Tag (gtag.js) 使用的 cookie 的属性? [英] How to set "secure" attribute of the cookies used by Google Analytics Global Site Tag (gtag.js)?
问题描述
我在我的 Github 页面上使用 Google Analytics Global Site Tag (gtag.js) 跟踪代码.以下跟踪代码作为第一项复制并粘贴到我要跟踪的每个网页的 <HEAD>
中(我将自己的跟踪 ID 替换为 GA_MEASUREMENT_ID
):
I'm using Google Analytics Global Site Tag (gtag.js) tracking code on my Github Pages. The following tracking code is copy-and-pasted as the first item into the <HEAD>
of every webpage I want to track (I replaced my own tracking ID with GA_MEASUREMENT_ID
):
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'GA_MEASUREMENT_ID');
</script>
最近,当我使用 Firefox 浏览器打开我的 Github Pages 站点时,控制台会记录以下警告消息:
Recently, when I open my Github Pages site with Firefox browser, the console logs the following warning messages:
Cookie_ga"很快就会被拒绝,因为它的sameSite"属性设置为none"或无效值,没有secure"属性.要了解有关sameSite"属性的更多信息,请阅读 https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Cookie_gid"很快就会被拒绝,因为它的sameSite"属性设置为none"或无效值,没有secure"属性.要了解有关sameSite"属性的更多信息,请阅读 https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
我该如何解决这个问题?
How can I fix this issue?
推荐答案
可以自定义 gtag.js cookie 设置.具体来说,我们可以设置cookie_flags
字段来解决问题.
The gtag.js cookie settings can be customized. Specifically, we can set cookie_flags
field to solve the issue.
在跟踪代码中,该行
gtag('config', 'GA_MEASUREMENT_ID');
应该改为
gtag('config', 'GA_MEASUREMENT_ID', { cookie_flags: 'SameSite=None;Secure' });
解决问题.
因此整个跟踪代码应如下所示(不要忘记用您自己的跟踪 ID 替换出现的两次 GA_MEASUREMENT_ID
):
So the whole tracking code should be the following (Don't forget to replace the two occurrences of GA_MEASUREMENT_ID
with your own tracking ID):
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'GA_MEASUREMENT_ID', { cookie_flags: 'SameSite=None;Secure' });
</script>
更新(感谢 @RichDeBourke 评论):
控制台仍然可以记录如下警告消息:
The console can still log a warning message like the following:
Cookie "_ga" has been rejected for invalid domain.
要解决此问题,请gtag 的 cookie 域.js 需要配置.所以原始答案中提到的那一行
To fix the issue, cookie domain of gtag.js needs to be configured. So the line mentioned in the original answer
gtag('config', 'GA_MEASUREMENT_ID', { cookie_flags: 'SameSite=None;Secure' });
应进一步编辑为
gtag('config', 'GA_MEASUREMENT_ID', {
cookie_domain: 'YOUR_GITHUB_PAGES_DOMAIN',
cookie_flags: 'SameSite=None;Secure',
});
然后,整个跟踪代码如下(不要忘记将 YOUR_GITHUB_PAGES_DOMAIN
替换为您自己的 GitHub pages 域(通常为
其中
是您的实际 GitHub 用户名)以及带有您自己的跟踪 ID 的两次 GA_MEASUREMENT_ID
):
Then, the whole tracking code is the following (Don't forget to replace YOUR_GITHUB_PAGES_DOMAIN
with your own GitHub pages domain (which is, typically, <username>.github.io
where <username>
is your actual GitHub user name) and the two occurrences of GA_MEASUREMENT_ID
with your own tracking ID):
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'GA_MEASUREMENT_ID', {
cookie_domain: 'YOUR_GITHUB_PAGES_DOMAIN',
cookie_flags: 'SameSite=None;Secure',
});
</script>
这篇关于如何设置“安全"Google Analytics Global Site Tag (gtag.js) 使用的 cookie 的属性?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!