[英]Using 'script-src' to allow websites isn't affecting error
I'm making a browser extension but the Content Security Policy seems to be blocking some of my content. 我正在扩展浏览器,但是内容安全策略似乎阻止了我的某些内容。 I've added a meta
tag to allow for a website: 我添加了一个meta
标记以允许一个网站:
<meta http-equiv="Content-Security-Policy" content="script-src https://cdnjs.cloudflare.com https://cdn.jsdelivr.net">
I'm still getting the same error message saying that the script-src is being blocked. 我仍然收到相同的错误消息,说script-src被阻止了。
How do I allow my resource to load? 如何允许我的资源加载?
ps I'm targeting Firefox and Google Chrome. ps我的目标是Firefox和Google Chrome。
Nevermind, I needed to put the code in my manifest.json
file, instead of in the <head>
of my html
file. 没关系,我需要将代码放在我的manifest.json
文件中,而不是放在html
文件的<head>
中。 It should look something like this: 它看起来应该像这样:
}
"content_security_policy": "script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://cdn.jsdelivr.net; object-src 'self'",
}
I was able to find an answer in another post to help me with this. 我能够在另一篇文章中找到答案,以帮助我解决这个问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.