拒绝加载脚本,因为它违反了以下 Content-Security-Policy
[英]Refused to load the script because it violates the following Content-Security-Policy
问题描述
I didn't used google tag manager url in my code but it still shows the ERROR and HERE is the Error.
我没有在我的代码中使用 google tag manager url 但它仍然显示错误并且这里是错误。
ERROR错误
Refused to load the script 'https://consent.trustarc.com/v2/notice/jznryc' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.googletagmanager.com".拒绝加载脚本“https://consent.trustarc.com/v2/notice/jznryc”,因为它违反了以下内容安全策略指令:“script-src 'self' 'unsafe-inline' https://www. googletagmanager.com”。 Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.请注意,未明确设置“script-src-elem”,因此“script-src”用作后备。
this is the code i am using.这是我正在使用的代码。
<meta http-equiv="Content-Security-Policy" content=
"default-src *;
style-src 'self' 'unsafe-inline' ;
script-src 'self' 'unsafe-inline' https://consent.trustarc.com ;
script-src-elem 'self' 'unsafe-inline' ">
1 个解决方案
解决方案1
3 2022-11-21 12:58:39
The most likely explanation is that two (or more) policies are set.最可能的解释是设置了两个(或更多)策略。 Something is setting another CSP, likely in a response header. You will need to find the policy and modify/remove it.正在设置另一个 CSP,可能在响应 header 中。您将需要找到该策略并修改/删除它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.