Open
Conversation
Scripts like GTM and GA4 are often blocked by ad blockers and privacy extensions when loaded from third-party domains, leading to data loss. Third-party cookie deprecation further limits tracking durability. This change proxies GTM scripts and analytics beacons through the Trusted Server, establishing a first-party context. It automatically rewrites HTML tags and script content to point to local proxy endpoints, bypassing blockers and extending cookie life. Includes: Proxy endpoints for gtm.js and /collect Content rewriting for redirecting internal GTM calls Configuration and integration tests Resolves: #224
Adds comprehensive tests for: - GTM configuration parsing and default values - HTML processor pipeline integration - Response body rewriting logic
aram356
requested changes
Feb 9, 2026
Collaborator
aram356
left a comment
aram356
left a comment
There was a problem hiding this comment.
🔧 Please make sure checks pass before assigning to review.
aram356
requested changes
Feb 13, 2026
Collaborator
aram356
left a comment
aram356
left a comment
There was a problem hiding this comment.
Good start. Need to address specific items and the following.
Duplicated rewrite logic across three places
The GTM URL rewriting logic exists in three separate methods: rewrite_gtm_script(), IntegrationAttributeRewriter::rewrite(), and IntegrationScriptRewriter::rewrite(). Each handles a slightly different set of patterns. This is error-prone — a new URL pattern needs to be added in multiple places.
…, set default enablement to false, and update documentation for handling
aram356
reviewed
Feb 16, 2026
…ID forwarding for GTM proxy requests
ChristianPavilonis
requested changes
Feb 16, 2026
…nctions, improving request configuration for beacons and scripts
…ogle Tag Manager integration
ChristianPavilonis
requested changes
Feb 18, 2026
Collaborator
|
@prk-Jr Please add (manual) test plan |
aram356
approved these changes
Feb 20, 2026
- Widen IntegrationAttributeRewriter to rewrite href/src for gtag/js and google-analytics.com URLs (not just gtm.js), fixing <link rel=preload> tags not being rewritten on Next.js sites - Add client-side script guard for dynamically inserted GTM/GA scripts using the shared createScriptGuard factory (matches DataDome pattern) - Harden URL regex with delimiter capture group to prevent subdomain spoofing (e.g., www.googletagmanager.com.evil.com) - Add is_rewritable_url helper to selectively rewrite only URLs with corresponding proxy routes (excludes ns.html) - Document gtag/js endpoint in integration guide
gtag.js constructs beacon URLs dynamically from bare domain strings, so rewriting them at the script level produces broken URLs. Instead, add a shared beacon_guard that patches navigator.sendBeacon and window.fetch at runtime to intercept requests to google-analytics.com and analytics.google.com, rewriting them to the first-party proxy. - Add shared beacon_guard.ts factory (sendBeacon + fetch interception) - Wire GTM integration to install beacon guard on init - Require // prefix in Rust GTM_URL_PATTERN to prevent bare domain rewrites - Add tests for both shared factory and GTM-specific beacon interception
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
- Use status 200 instead of 204 (jsdom rejects 204 as null-body status) - Use absolute URLs in test rewriteUrl to satisfy jsdom's Request constructor
ChristianPavilonis
approved these changes
Feb 20, 2026
Collaborator
|
from @jevansnyc There are some differences. For example the "Request Payload" data that shows up on autoblog and not ts.autoblog.com 
|
Collaborator
Author
I looked into it and I found something like this. @jevansnyc can you please point me to the request. 
|
- Add container ID format validation (GTM-XXXXXX pattern) - Fix fragile beacon type detection using ends_with() - Improve error handling in TypeScript guards - Add beacon guard cleanup mechanism for testing - Document IP stripping privacy tradeoff - Document cache behavior and stale handling - Simplify upstream_url() logic (rely on serde defaults) All tests passing. No breaking changes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Scripts like GTM and GA4 are often blocked by ad blockers or privacy extensions when loaded from third-party domains, leading to data loss. Third-party cookie deprecation further limits tracking durability.
This change transparently proxies GTM/GA4 scripts and analytics beacons through the Trusted Server, establishing a first-party context. It automatically rewrites HTML tags (including
<link rel="preload">) and script content to point to local proxy endpoints, bypassing blockers and extending cookie life.Includes:
gtm.js,gtag/js,/collect, and/g/collectwith configurable caching and strict validationsrcandhrefattributes targeting GTM/GA domainswww.googletagmanager.com.evil.com)Manual Test Plan
Prerequisites: Configure
.envwith GTM enabled and a valid container ID, then start the local server.1. Script proxy — gtm.js rewritten
Expected: count > 0
2. Script proxy — gtag/js returns 200
Expected:
2003. gtag/js content rewritten (no Google domains)
Expected:
04. Beacon proxy — POST /g/collect
Expected:
204or2005. Beacon proxy — GET /collect
Expected:
204or2006. Cache headers present
Expected:
cache-control: public, max-age=900Resolves: #224