I have a popular Chrome Extension that fails on sites using CSP .
The extension enriches content on the sites my users visit, according to some settings they have configured.
On sites with a CSP policy, I get the following error when executing JS: This document requires 'TrustedScriptURL' assignment
How can I run my extension on these sites - can I use the site's CSP f.ex., or would that be bad practice?
Maybe you can try this
<meta http-equiv="Content-Security-Policy" content=" default-src 'self' http://* https://*; connect-src 'self' http://* https://*; img-src 'self' http://* https://*;" />
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.