从带有 chrome 扩展 v3 的内容脚本中注入 javascript
[英]Inject javascript from content script with a chrome extension v3
问题描述
I'm migration my extension from V2 to V3.
我正在将我的扩展从 V2 迁移到 V3。 Now all is working fine except for one thing.现在一切正常,除了一件事。 In my V2 version I did在我的 V2 版本中,我做了
const actualCode = '(' + function () { 'console.log("demo");' } + `)();`;
const script = document.createElement('script');
script.textContent = actualCode;
(document.head || document.documentElement).appendChild(script);
script.remove();
Note that the console.log("demo") is a simplification of what I need to inject:)请注意, console.log("demo")是对我需要注入的内容的简化:)
I need to inject some javascript for my chrome-extension-magic to take place.我需要注入一些 javascript 以使我的 chrome-extension-magic 发生。
Now, in V3 this doesn't work anymore.现在,在 V3 中,这不再起作用了。 I get the following error in my devtools-console我的 devtools-console 中出现以下错误
content.js:23114
Refused to execute inline script because it violates the following
ContentSecurity Policy directive: "script-src 'self'". Either the
'unsafe-inline' keyword, a hash ('sha256-tN52+5...6d2I/Szq8='), or a nonce
('nonce-...') is required to enable inline execution.
In the migration guide I noticed this section在迁移指南中,我注意到了这个部分
"content_security_policy": {
"extension_pages": "...",
"sandbox": "..."
}
but there is not much description there, so this is magic to me.但是那里没有太多描述,所以这对我来说很神奇。 So I hope someone know can help me with this?所以我希望有人知道可以帮助我吗?
1 个解决方案
解决方案1
3 2022-02-12 16:52:49
Refer to Use a content script to access the page context variables and functions请参阅使用内容脚本访问页面上下文变量和函数
Since content scripts are executed in an "isolated world" environment, we can't do some special dom operations in content_script js.由于content scripts是在“孤立的世界”环境中执行的,所以我们不能在 content_script js 中做一些特殊的dom操作。
This example will show you how to inject inject.js to web page before document start : 此示例将向您展示如何在文档开始之前将 inject.js 注入web页面:
// document_start.js
var s = document.createElement('script');
s.src = chrome.runtime.getURL('inject.js');
s.onload = function() {
this.remove();
};
(document.head || document.documentElement).appendChild(s);
manifest.json example for ManifestV3 manifest.json ManifestV3 示例
"content_scripts": [
{
"matches": ["<all_urls>"],
"js": ["document_start.js"],
"run_at": "document_start" //default document end
}
]
"web_accessible_resources": [{
"resources": ["inject.js"],
"matches": ["<all_urls>"]
}]
解决方案2
-1 2022-09-11 08:32:14
I tried the same code but when I am calling appendChild(s) it's throwing exception "Refused to execute inline script because it violates the following Content Security Policy directive script-src 'self' 'unsafe-eval'. Either the unsafe-inline keyword, a hash or a nonce is required to enable inline execution."我尝试了相同的代码,但是当我调用 appendChild(s) 时,它抛出异常“拒绝执行内联脚本,因为它违反了以下内容安全策略指令 script-src'self''unsafe-eval'。unsafe-inline 关键字,需要 hash 或随机数来启用内联执行。” Even adding "unsafe-inline" is not fixing the issue.即使添加“不安全内联”也不能解决问题。
Can anyone guide me how to inject javascript for Chrome V3.谁能指导我如何为 Chrome V3 注入 javascript。 With V2 I am using appendchild and it's working fine.使用 V2,我正在使用 appendchild,它工作正常。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.