CF Beacon XSS & Caching

Hi!

If I assumed correctly

https://static.cloudflareinsights.com/beacon.min.js/

https://static.cloudflareinsights.com/beacon.min.js/

https://static.cloudflareinsights.com/beacon.min.js/

https://static.cloudflareinsights.com/beacon.min.js/ is added for analytics when I enable Web Page Analytics.
For my website I enabled the Cloudflare standard Security Ruleset which includes the XSS protections. But in the console I now see:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://static.cloudflareinsights.com/beacon.min.js/XYZ. (Reason: CORS request did not succeed). Status code: (null).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://static.cloudflareinsights.com/beacon.min.js/XYZ. (Reason: CORS request did not succeed). Status code: (null).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://static.cloudflareinsights.com/beacon.min.js/XYZ. (Reason: CORS request did not succeed). Status code: (null).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://static.cloudflareinsights.com/beacon.min.js/XYZ. (Reason: CORS request did not succeed). Status code: (null).

At the same time, when I do Lighthouse analytics it suggests:

Serve static assets with an efficient cache policy

Serve static assets with an efficient cache policy

Serve static assets with an efficient cache policy

Serve static assets with an efficient cache policy for the beacon specifically.

How do I square this circle, what are the best practices for this beacon?

(My apologies if this is the wrong forum, could not decide between General and Pages)

CF Beacon XSS & Caching

Similar Threads

Similar Threads

Similar Threads