@yigit @HardAtWork I'm seeing exceeded CPU from a Function not from Zaraz or anything else. Happening most in LIS. I see ~300 instances

This is over the last 24 hours

Last 7 days, all Function:

@yoav about 6 months ago we moved our zaraz facebook implementation back to the client because the zaraz implementation didn't support facebook audience population. At the time Lucas said you guys were considering adding a client pixel to the zaraz FB implementation for this purpose. Do you know if there's any progress regarding this option?

Hey @dean.me no there hasn't been. We're focusing on getting our server-side implementations complete

what does a 405 response on a POST to the HTTP Events API usually mean?

oh right I have instant logs

Mine has Zaraz tools configured, but I get a 405 still. Ticket #2805948, I think I'm doing something stupid.

I can see a few messages regarding Zaraz events not making it to GA4. We're seeing only about half the events in GA4 as there are in Zaraz monitoring and some other tools. Is this a known issue? Should we persist with Zaraz for GA4 or go back to GTM?

Maybe Clarity support one day? 😄

oh my gosh thank you! Been wanting this for months!

We use with Custom HTML

yeah but that still requires the client to POST data to Microsoft directly, which is often blocked.

What is blocked? We can see the recording of our sites normally on Clarity using the script in Custom HTML and trigger on page view

the adblocker I use blocks Clarity. 🤷‍♂️

👍 Our clients don't use adblockers. I think they don't even know how to install.

if Clarity had server-side Zaraz, it'd probably still improve perf for your clients.

Hi Zaraz team 👋 We have just enabled Zaraz on a website that has an existing CSP configuration. Our issue is that csp is blocking the 3rd party scripts being executed by s.js, with messages like this:

w.zarazData.executed.push("Pageview");})(window,document)[...] EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive
Refused to connect to 'https://track.hubspot.com/__ptq.gif?[...]17' because it violates the document's Content Security Policy.

We have been reading your docs and stumbled upon this in the notes: "*Cloudflare Zaraz is still not 100% compliant with CSP because some tools still need to use eval() - usually for setting cookies, but we’re already working on a different approach so, stay tuned!*" Is there any updates or any way around this besides adding unsafe-eval? 
 Thanks!

As all tools are being converted to Managed Components, support for working without

unsafe-eval

is more widespread. YMMV depending on which tools you have, but if they're marked as Legacy I highly recommend updating them.

In my case the stupid mistake I made was I put wrong JSON in the body when I post request with POSTMAN. Wrong

wrong
        {
            method: 'POST',
            headers: {
                'Content-Type': 'application/json',
            },
            body: `{
                "events": [
                    {
                        "client": {
                            "__zarazTrack": "transaction successful",
                            "value": "200"
                        }
                    }
                ]
            }`,
        }

Right

right
           {
                "events": [
                    {
                        "client": {
                            "__zarazTrack": "transaction successful",
                            "value": "200"
                        }
                    }
                ]
            }

to follow up, the reason was because we were trying to submit a POST request to Zaraz from the a Worker listening on the same zone (which is a no-no).

what do you mean by "zone"?

like my worker was listening on

api.example.com

, and I was trying to POST to

www.example.com/zaraz_endpoint_here

Is that really a no-no? I have a Pages function on

xxx.zenuml.com/installed

and the zaraz endpoint at

zenuml.com/zaraz/api

. It seems working fine.

It doesn't look like it is working. Are you sure that the field can be empty without any value to use the GA user id? I am user Zaraz Debugger and can't see the user id

Few diff ways to achieve this: - (Recommended) create a Cloudflare Configuration rule. Set a custom filter expression that matches on the hostname, and then select disable Zaraz - Initialize the Zaraz script manually through a script tag instead of relying on auto-injection. Option two would make the most sense only if A) you ran out of configuration rules on your plan or B) you only want Zaraz on a specific host, and wanted to exclude all other subdomains.

Dre

The custom HTML is typically used for things like tracking scripts that don't have a managed component built. You can think of it like how GTM inserts scripts in the client because rather than the Zaraz native approach of managed components that work serverside (internally within zaraz's sysyem) the custom HTML is delivered to the client. So if the custom HTML tool is enabled, not blocked by a blocking trigger, and a firing trigger is configured the HTML will be injected into the page. If you want custom contol over when it is injected you should use a custom event as the tool's firing trigger and call that custom event in your client side application's javascript.

For reference, this can be worked-around by using a response header transform rule to remove the

Content-Security-Policy

header, but this obviously disables CSP.