Not a customer? Click the 'Start a free trial' link to begin a 30-day SaaS trial of our product and to join our community.
Existing Cisco AppDynamics customers should click the 'Sign In' button to authenticate to access the community
on 09-13-2017 12:43 PM - edited on 10-12-2018 02:33 PM by Nina.Wolinsky
The user has instrumented a web application with version 4.3 adrum-config.js, but they do not see the adrum beacon posted.
Opening a browser's dev tools shows the following error message:
html:51 A Parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.appdynamics.com/adrum/adrum.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message.See https://www.chromestatus.com/feature/5718547946799104 for more details.
Solution:
Users who try to run the document.write
command from the adrum-config.js file will fail, as the file is served from a different domain, so the browser will not allow it.
document.write
code from the adrum-config.js file and add the adrum.js manually via the script tag.
window['adrum-start-time'] = new Date().getTime();
(function(config){
config.appKey = 'AD-AAB-XXX-XXX';
config.adrumExtUrlHttp = 'http://cdn.appdynamics.com';
config.adrumExtUrlHttps = 'https://cdn.appdynamics.com';
config.beaconUrlHttp = 'http://col.eum-appdynamics.com';
config.beaconUrlHttps = 'https://col.eum-appdynamics.com';
config.xd = {enable : false};
})(window['adrum-config'] || (window['adrum-config'] = {}));
And within the index.html:
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">
...
...
<script src="/assets/adrum/adrum-config.js"></script>
<script src="https://cdn.appdynamics.com/adrum/adrum.js"></script>
...
...
</head>
<body>
...
...
</body>
</html>
Hi Erin, Gaurav,
This helped me a lot. however my issue was the application team had incorporated content default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; CSP policy. Therefore the above solution did not work completely.
Below is what worked out.
Add cdn.appdynamics.com and col.eum-appdynamics.com to the content in the CSP policy as below
content="default-src 'self' cdn.appdynamics.com col.eum-appdynamics.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.appdynamics.com col.eum-appdynamics.com;"
PLUS your changes that you have suggested.
Regards,
Alakshya
HI Alakshya,
Thanks for pointing. That bit is covered here: https://docs.appdynamics.com/pages/viewpage.action?pageId=42584066
Regards,
Gaurav Soni
Thanks for the reference Gaurav.
Regards,
Thank you! Your submission has been received!
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form