Untitled

The network blocker intercepts outgoing fetch and XMLHttpRequest calls and blocks them based on consent state and domain rules. This catches tracking requests that happen outside of script loading - for example, beacon calls, API requests to analytics endpoints, or pixel fires from already-loaded scripts.

Rule Matching

Rules match requests using three criteria:

Domain matching

The domain field matches the request hostname. Subdomains are automatically included - a rule for google-analytics.com also matches www.google-analytics.com and stats.google-analytics.com.

Path matching

The optional pathIncludes field requires the request URL path to contain the specified substring. This lets you target specific endpoints without blocking the entire domain.

Method matching

The optional methods array restricts the rule to specific HTTP methods. If omitted, the rule applies to all methods.

Consent Conditions

Like the script loader, category accepts a HasCondition:

// Simple
{
  category: 'measurement';
}

// Must have both
{
  category: {
    and: ['measurement', 'marketing'];
  }
}

// Must have either
{
  category: {
    or: ['measurement', 'marketing'];
  }
}

Monitoring Blocked Requests

Console logging

Blocked requests are logged to the console by default. Disable with logBlockedRequests: false.

Callback

Use onRequestBlocked to handle blocked requests programmatically:

networkBlocker: {
  rules: [...],
  onRequestBlocked: ({ method, url, rule }) => {
    console.log(`Blocked ${method} ${url} (rule: ${rule?.id})`);
  },
}

API Reference