Hello, my company website uses the Google GTM service and is triggered by the iframe tag.
We hope that the iframe alarm can be maintained to avoid being injected by hackers, but the URL of the GTM service can be set as an exception.
I have used the built-in exception exclusion function, but obviously there is no way to deal with the http body. Can anyone provide suggestions or assistance? Thank you.
Signature
<iframe src=https://www.googletagmanager.com/ns.html?id=xxxxxxx height="0" width="0" style="display:none;visibility:hidden"></iframe>
Desired effect
If see other iframe tags, will be alerted, but the tag content contains src=https://www.googletagmanager.com/ns.html?id=xxxxxxx, set exception
