堆栈内存溢出
  简体   繁体   English

如何修复错误“拒绝执行内联脚本,因为它违反了以下内容安全策略指令:

[英]how to fix error " Refused to execute inline script because it violates the following Content Security Policy directive:

 原文  2021-01-19 09:24:19       html/ twitter-bootstrap/ iframe/ content-security-policy

问题描述

i want using iframe in html but i got this error:我想在 html 中使用 iframe 但我收到了这个错误:

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'".拒绝执行内联脚本,因为它违反了以下内容安全策略指令:“script-src 'unsafe-eval' 'self'”。 Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.启用内联执行需要“unsafe-inline”关键字、hash(“sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE=”)或随机数(“nonce-...”)。

my code:我的代码:

<iframe src="test.com" height="200" width="300" title="Iframe Example"></iframe>

how can i fix this error thanks inadvance我该如何解决这个错误谢谢提前

1 个解决方案

解决方案1
 0  2021-01-25 07:53:44

Iframe it has nothing to do with it, you have an inline script like <script>...</script> in the HTML code. Iframe 与它无关,您在 HTML 代码中有一个像<script>...</script>这样的内联脚本。 Therefore you have opts:因此,您有选择:

  • to add 'unsafe-inline' into script-src directive (unsafe way)'unsafe-inline'添加到script-src指令中(不安全的方式)
  • to use 'nonce-value'使用'nonce-value'
  • to use 'hash-value' 'sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='使用'hash-value' “sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE=”
  • move inline script to external file, and it will fall under 'self' token allowance.将内联脚本移动到外部文件,它将属于'self'令牌限额。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Cordova 错误:拒绝执行内联脚本,因为它违反了以下内容安全策略指令 - Cordova error: Refused to execute inline script because it violates the following Content Security Policy directive Chrome 扩展策略错误:拒绝执行内联事件处理程序,因为它违反了以下内容安全策略指令 - Chrome extension policy error: Refused to execute inline event handler because it violates the following Content Security Policy directive 拒绝执行内联脚本,因为它违反了以下内容安全策略指令:“default-src 'self'” - Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'" 我不断收到错误“拒绝执行内联事件处理程序,因为它违反了以下内容安全策略指令 - I keep getting the error "Refused to execute inline event handler because it violates the following Content Security Policy directive Chrome 中的 CSS 内联样式错误:“拒绝应用内联样式,因为它违反了以下内容安全策略指令……” - Css inline style error in Chrome: “Refused to apply inline style because it violates the following Content Security Policy directive…” Html 错误:拒绝加载脚本,因为它违反了以下内容安全策略指令 - Html Error: Refused to load the script because it violates the following Content Security Policy directive 拒绝加载脚本,因为它违反了以下内容安全策略指令:“style-src 'self' 'unsafe-inline' - Refused to load the script because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' 拒绝加载脚本,因为它违反了以下内容安全策略指令 - Refused to load scripts because it violates the following Content Security Policy directive Chrome扩展程序“拒绝加载脚本,因为它违反了以下内容安全策略指令” - Chrome Extension “Refused to load the script because it violates the following Content Security Policy directive” 拒绝加载脚本,因为它违反了以下 Content-Security-Policy - Refused to load the script because it violates the following Content-Security-Policy
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM