[英]how to fix error " Refused to execute inline script because it violates the following Content Security Policy directive:
i want using iframe in html but i got this error:我想在 html 中使用 iframe 但我收到了这个错误:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'".拒绝执行内联脚本,因为它违反了以下内容安全策略指令:“script-src 'unsafe-eval' 'self'”。 Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.启用内联执行需要“unsafe-inline”关键字、hash(“sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE=”)或随机数(“nonce-...”)。
my code:我的代码:
<iframe src="test.com" height="200" width="300" title="Iframe Example"></iframe>
how can i fix this error thanks inadvance我该如何解决这个错误谢谢提前
Iframe it has nothing to do with it, you have an inline script like <script>...</script>
in the HTML code. Iframe 与它无关,您在 HTML 代码中有一个像<script>...</script>
这样的内联脚本。 Therefore you have opts:因此,您有选择:
'unsafe-inline'
into script-src
directive (unsafe way)将'unsafe-inline'
添加到script-src
指令中(不安全的方式)'nonce-value'
使用'nonce-value'
'hash-value'
'sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='使用'hash-value'
“sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE=”'self'
token allowance.将内联脚本移动到外部文件,它将属于'self'
令牌限额。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.