Back out "Add Google Analytics because why not"

GTM is the canonical way of using Google Analytics with Next.js. However, allowlisting GTM would be a total bypass to CSP, as anyone can upload a script to GTM. Original commit changeset: f84f624
zemn-me · Sep 8, 2023 · 6537fcb · 6537fcb
1 parent b154d3d
commit 6537fcb
Showing 1 changed file with 17 additions and 30 deletions.
diff --git a/ts/next.js/index.tsx b/ts/next.js/index.tsx
@@ -1,5 +1,5 @@
 import Head from 'next/head';
-import Script from 'next/script';
+
 export * as config from 'ts/next.js/next.config';
 
 const BASE_CSP_RULES = [
@@ -16,37 +16,24 @@ export function HeaderTags() {
 			: "default-src 'self'",
 	];
 	return (
-		<>
-			<Head>
-				<meta
-					content={csp_rules.join('; ')}
-					httpEquiv="Content-Security-Policy"
-				/>
-
-				<meta
-					content="same-origin"
-					httpEquiv="Cross-Origin-Resource-Policy"
-				/>
-
-				<meta
-					content="same-origin"
-					httpEquiv="Cross-Origin-Opener-Policy"
-				/>
-				<meta content="nosniff" httpEquiv="X-Content-Type-Options" />
+		<Head>
+			<meta
+				content={csp_rules.join('; ')}
+				httpEquiv="Content-Security-Policy"
+			/>
 
-				<meta content="no-referrer" name="referrer" />
-			</Head>
+			<meta
+				content="same-origin"
+				httpEquiv="Cross-Origin-Resource-Policy"
+			/>
 
-			<Script src="https://www.googletagmanager.com/gtag/js?id=G-9MKZNPVNVS" />
-			<Script id="google-analytics">
-				{`
-				window.dataLayer = window.dataLayer || [];
-				function gtag(){dataLayer.push(arguments);}
-				gtag('js', new Date());
+			<meta
+				content="same-origin"
+				httpEquiv="Cross-Origin-Opener-Policy"
+			/>
+			<meta content="nosniff" httpEquiv="X-Content-Type-Options" />
 
-				gtag('config', 'G-9MKZNPVNVS');
-				`}
-			</Script>
-		</>
+			<meta content="no-referrer" name="referrer" />
+		</Head>
 	);
 }