Javascript抛出:拒绝执行内联事件处理程序,因为它违反了以下内容安全策略指令:“script-src'self'
[英]Javascript throwing : Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self'
问题描述
I'm newbie in google chrome extention delveopment. 
我是google chrome extention开发的新手。 I'm trying to develop a simple extension and i keep getting the error above. 我正在尝试开发一个简单的扩展,我不断收到上面的错误。
my manifest: 我的清单:
{
"name": "set my favourties",
"description" : "just another super awesome plugin",
"version" : "0.1",
"background": {
"page": "backround.html"
},
"manifest_version": 2,
"content_security_policy": "script-src 'self' https://www.google.com; object-src 'self'",
"browser_action" :{
"popup" : "popup.html",
"default_icon" : "icon.gif"
},
"permissions" : ["notifications"]
}
the html code: HTML代码:
<html>
<head>
<script src = "backround.js">
</script>
</head>
<body onload = "loadHandler()">
</body>
</html>
and the js: 和js:
function loadHandler(){
window.webkitNotifications.createNotification("icon.gif","Plugin Loaded","it was loaded").show();
}
thanks in advance 提前致谢
Nir 尼尔
2 个解决方案
解决方案1
17 已采纳 2013-03-27 11:37:19
If this wasn't a Chrome extension, you could add but you should avoid using inline event handlers at all. 'unsafe-inline' to the list of acceptable places to load scripts from, 如果这不是Chrome扩展程序,您可以将'unsafe-inline'添加到可加载脚本的可接受位置列表中, 但你应该避免使用内联事件处理程序。
Replace (in the HTML): 替换(在HTML中):
onload = "loadHandler()"
with (in the script): with(在脚本中):
window.addEventListener('load', loadHandler);
解决方案2
6 2013-03-28 20:41:46
Correct. 正确。 This is documented here: http://developer.chrome.com/extensions/tut_migration_to_manifest_v2.html#inline_scripts 这在此处记录: http : //developer.chrome.com/extensions/tut_migration_to_manifest_v2.html#inline_scripts
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.