Use same origin for Custom Loader domain?

Custom Loader
1

I am very excited about this new feature!

When using custom loader:

  • is it possible to also use same origin domain to serve the GTM JS?

The custom loader generator still uses subdomains.

Help article

2

There is no point in loading JS through the same origin. Same origin is needed to bypass cookie restrictions, loading JS has nothing to do with cookies so it is recommended to load JS from a subdomain, this will also reduce the unnecessary load on your same origin method (CF/ngnix/etc).

1 Like
3

Thanks for clearing this up!

1 Like
4

Thank you Alex!

I have some follow up question, if I may :smiley:

  1. is same origin your answer to to browsers blocking CNAME requests, expecially when it points to known servers and IP? (e.g. Stape being on some blocklists for sure)

  2. does Same origin prevent browsers to be able to block those requests, because the proxying is happening out of sight from a browsers perspective?

  3. If browsers, like brave, already block CNAME requests, will it also block the GTM container from being downloaded? (because Brave can see, that the destination is a Stape IP for example)

Thanks in advance!

5

is same origin your answer to to browsers blocking CNAME requests, expecially when it points to known servers and IP? (e.g. Stape being on some blocklists for sure)

Yes, using same origin your request is sent to the same IP address where your web is located

does Same origin prevent browsers to be able to block those requests, because the proxying is happening out of sight from a browsers perspective?

Browsers (or adblockers) block requests based on patterns. Same origin doesn’t help much here, but Custom Loader does, which encrypts request paths for loading GTM container and for GA4. This way requests are not subject to patterns used by adblockers/browsers.

If browsers, like brave, already block CNAME requests, will it also block the GTM container from being downloaded? (because Brave can see, that the destination is a Stape IP for example)

I don’t know of any browsers blocking any IP requests. Requests to googletagmanager.com or google-analytics.com, or downloading files named gtm.js and other similar patterns are blocked.

You can read more about adblockers and blocking here:

And about same origin and bypassing cookie restrictions here: