Overview
GTM uses a sophisticated service worker implementation to handle conversion tracking and ad measurement when cookies/storage are restricted. This provides a privacy-preserving way to measure ad effectiveness without relying on third-party cookies.
Key Components
1. Service Worker Architecture
- Service worker runs in googletagmanager.com context
- Uses Hybrid Public Key Encryption (HPKE) for secure data transmission
- Implements Attribution Reporting API integration
- Can queue and retry failed conversion events
2. Third-Party Iframe Integration
- GTM loads a 3p iframe from googletagmanager.com domain
- Service worker gets registered in iframe’s context
- Provides isolated execution environment separate from main page
- Allows cross-origin requests to Google’s ad servers
3. Flow When Cookies are Blocked
- Conversion event occurs on main site
- GTM detects cookies are blocked
- Conversion data gets encrypted using HPKE
- Data sent through iframe to service worker
- Service worker processes and queues data
- Uses Attribution Reporting API or network requests to report conversion
4. Privacy Mechanisms
- Client-side encryption of conversion data using HPKE
- Isolated execution context via 3p iframe
- Leverages modern privacy APIs (Attribution Reporting)
- No reliance on third-party cookies
- Service worker provides persistent capabilities without cookies
5. Technical Implementation
- Service worker registered at
/static/service_worker/4cc0/sw.js - Uses HPKE for encrypting sensitive data
- Implements message handling for iframe communication
- Custom fetch handling for network requests
- Supports Attribution Reporting API headers
Key Files/Paths
- Service Worker:
/static/service_worker/4cc0/sw.js - Iframe URL:
googletagmanager.com/static/service_worker/4cc0/sw_iframe.html - Origin: googletagmanager.com
References
Found while inspecting Google Tag Manager container implementation. Service worker code includes copyright notices from Google LLC.