堆栈内存溢出
  简体   繁体   English

Firefox / Chrome Web扩展-尝试通过内容脚本注入IFrame时出现安全错误

[英]Firefox/Chrome Web Extension - Security Error When Trying To Inject IFrame Through Content Script

 原文  2018-04-15 22:15:10       javascript/ iframe/ google-chrome-extension/ firefox-webextensions/ content-script

问题描述

I have the following really simple code in a content script that runs whenever a button in my "popup.html" file is pressed: 每当按下“ popup.html”文件中的按钮时,内容脚本中就会运行以下非常简单的代码:

Section of code inside "inject.js" “ inject.js”内部的代码部分 

browser.runtime.onMessage.addListener((message) => {
    console.log("Trying to inject iFrame");
    var iframe = document.createElement("iframe");
    iframe.src = browser.extension.getURL("inject.html");
    document.body.appendChild(iframe);
});

The content of "inject.html" is: “ inject.html”的内容是: 

<!DOCTYPE html>
<html>

<head>
</head>

<body>
    <p>
        Hello. This is a Test.
    </p>
</body>

</html>

However, when this code runs I get the following output in the console (Using "example.com: as an example URL): 但是,运行此代码时,我在控制台中得到以下输出(使用“ example.com:作为示例URL”):

Trying to inject iFrame 尝试注入iFrame
Security Error: Content at http://example.com/ may not load or link to moz-extension://218287b3-46eb-4cf6-a27f-45b9369c0cd9/inject.html. 安全错误: http//example.com/上的内容可能无法加载或链接到moz-extension://218287b3-46eb-4cf6-a27f-45b9369c0cd9/inject.html。

Here is my "manifest.json" 这是我的“ manifest.json” 

{
"manifest_version": 2,
"name": "Summarizer",
"version": "1.0",

"description": "Summarizes webpages",

"permissions": [
    "activeTab",
    "tabs",
    "storage",
    "downloads",
    "*://*.smmry.com/*"
],

"icons":
{
    "48": "icons/border-48.png"
},

"browser_action":
{
    "browser_style": true,
    "default_popup": "popup/choose_length_page.html",
    "default_icon":
    {
        "16": "icons/summarizer-icon-16.png",
        "32": "icons/summarizer-icon-32.png"
    }
}

"web_accessible_resources": [
    "inject.html"
]
}

And, lastly, here is the top level file structure of my extension: 最后,这是我的扩展程序的顶级文件结构:

Extension_File_Structure

How can I fix this security error? 如何解决此安全错误?

This is not a duplicate of this: Security error in Firefox WebExtension when trying getUrl image because I provided the full path in my manifest.json 这不是重复的: 尝试getUrl图像时Firefox WebExtension中的安全错误,因为我在manifest.json提供了完整路径

1 个解决方案

解决方案1
 0 已采纳  2018-04-15 22:32:25

I was missing a comma. 我错过了一个逗号。 Here is the relevant portion of the manifest.json with the comma in place: 这是manifest.json的相关部分,并带有逗号: 

"browser_action":
{
    "browser_style": true,
    "default_popup": "popup/choose_length_page.html",
    "default_icon":
    {
        "16": "icons/summarizer-icon-16.png",
        "32": "icons/summarizer-icon-32.png"
    }
},

"web_accessible_resources": [
    "inject.html"
]

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Web扩展-Iframe Source执行脚本时出现内容安全策略错误 - Web Extension - Content Security Policy Error when Iframe Source Executes Script 将按钮注入网站(Chrome扩展程序内容脚本) - Inject button into site (Chrome Extension content script) Chrome扩展程序:创建标签然后将内容脚本注入其中 - Chrome extension: create tab then inject content script into it Chrome扩展程序使内容脚本能够访问iframe - Chrome extension enable content script to access iframe 以编程方式在扩展程序上注入内容脚本(Chrome扩展程序) - Inject content script on extension reload programmatically (chrome extension) 将内容脚本插入到其他扩展名的操作弹出窗口中的iframe中? - Inject a content script into an iframe, within an action popup, of a different extension? Firefox WebExtensions 注入 iframe 中的脚本 - Firefox WebExtensions inject script in iframe Chrome 扩展程序:内容安全策略错误 - Chrome Extension: Content Security Policy Error Chrome扩展程序:yql API错误:内容安全 - Chrome Extension: yql API ERROR: Content Security Chrome扩展程序内容安全策略指令错误 - Chrome extension Content Security Policy directive error
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM