Issue
Content security policy reports may note that https://js-agent.newrelic.com/nr-1169.min.js, has been blocked.
Resolution
The origin of that script may not be obvious from your code, but it is a legitimate script injected by our platform for New Relic monitoring. To resolve a report like that, you have two options:
- Change your content security policy to allow scripts to originate from js-agent.newrelic.com, as it is a legitimate script and adds information to the New Relic troubleshooting tool. This can be managed with the Content-Security-Policy module. The Security Kit module also offers configuration for content security policies.
- If you would like to disable the JavaScript injection, our documentation on disabling it for AMP pages (necessary for AMP validation) offers guidance on doing that. To remove the script's injection site-wide, remove the conditional from the code offered there.
We recommend keeping the JavaScript agent, as New Relic offers detailed and useful information for troubleshooting performance issues.