1 files changed, 18 insertions, 2 deletions

diff --git a/spec/features/users/google_analytics_csp_spec.rb b/spec/features/users/google_analytics_csp_spec.rb
index 45cc6c5f39d..0837296922c 100644
--- a/spec/features/users/google_analytics_csp_spec.rb
+++ b/spec/features/users/google_analytics_csp_spec.rb
@@ -3,13 +3,29 @@
 require 'spec_helper'
 
 RSpec.describe 'Google Analytics 4 content security policy', feature_category: :purchase do
+  include ContentSecurityPolicyHelpers
+
+  subject(:csp_header) { response_headers['Content-Security-Policy'] }
+
   it 'includes the GA4 content security policy headers' do
     visit root_path
 
-    expect(response_headers['Content-Security-Policy']).to include(
+    expect(find_csp_directive('script-src', header: csp_header)).to include(
+      '*.googletagmanager.com'
+    )
+
+    expect(find_csp_directive('connect-src', header: csp_header)).to include(
+      '*.googletagmanager.com',
+      '*.google-analytics.com',
+      '*.analytics.google.com',
+      '*.g.doubleclick.net'
+    )
+
+    expect(find_csp_directive('img-src', header: csp_header)).to include(
       '*.googletagmanager.com',
       '*.google-analytics.com',
-      '*.analytics.google.com'
+      '*.analytics.google.com',
+      '*.g.doubleclick.net'
     )
   end
 end