[英](electron with server) Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script
我正在尝试制作一个电子应用程序,用户可以在其中选择“托管私人服务器”或“加入私人服务器”。 有了它,用户可以与主机或其他用户交换消息,或者创建一个其他人可以加入的房间
当我的代码在 main.js(电子应用程序运行的地方)上时,服务器生成没有问题。 但是,当我尝试将相同的代码放入 Server.js 并在 html 文件中引用它时(使用 <script src"">),此代码停止工作并显示:
C:\\Users\\lages\\Desktop\\Pasta du apepe\\electron-quick-start\\node_modules\\depd\\index.js:413 Uncaught EvalError:拒绝将字符串评估为 JavaScript,因为 'unsafe-eval' 不是允许的来源以下内容安全策略指令中的脚本:“script-src 'self''unsafe-inline'”
at Function.wrapfunction [as function] (C:\Users\lages\Desktop\Pasta du apepe\electron-quick-start\node_modules\depd\index.js:413)
at Object.<anonymous> (C:\Users\lages\Desktop\Pasta du apepe\electron-quick-start\node_modules\body-parser\index.js:37)
at Object.<anonymous> (C:\Users\lages\Desktop\Pasta du apepe\electron-quick-start\node_modules\body-parser\index.js:159)
at Module._compile (internal/modules/cjs/loader.js:1078)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1108)
at Module.load (internal/modules/cjs/loader.js:935)
at Module._load (internal/modules/cjs/loader.js:776)
at Function.f._load (electron/js2c/asar_bundle.js:5)
at Function.o._load (electron/js2c/renderer_init.js:33)
at Module.require (internal/modules/cjs/loader.js:959)
关于如何解决此错误的任何想法?
我的代码
let ligar_desligar = document.getElementById("botao3")
let statusServer= false
const expresso= require("express")
var limpador = require("string-sanitizer");
const appe = expresso()
const httpServer = require("http").createServer(appe);
const options ={
}
const io = require("socket.io")(httpServer, options);
appe.use(expresso.static(__dirname+"/data"))
httpServer.listen(8889, ()=>console.log("adm online na porta http://localhost:8889"))
//SERVER EVENTS SECTION
io.on("connection", (socket) => {
console.log("nova conexao, o cara conectado e ID: ", socket.id)
socket.on("manda", (arg) => {
limpeza(arg)
console.log("recebi: ",arg); // world
socket.broadcast.emit("devolve", arg)
socket.emit("devolve", arg)
});
})
function limpeza(palavra){
limpador.sanitize.keepSpace(palavra); // abcdefgh123
}
问题解决了,我只需要添加
meta http-equiv="Content-Security-Policy" content="default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-eval'"
在 html 的元标记中
拒绝将字符串评估为 JavaScript,因为“unsafe-eval”不是允许的来源
[英]Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source
拒绝将字符串评估为 JavaScript,因为“unsafe-eval”不是脚本内容安全策略指令的允许来源:default-src self
[英]Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script Content Security Policy directive:default-src self
Chrome 扩展程序“拒绝将字符串评估为 JavaScript,因为 'unsafe-eval'
[英]Chrome extension "Refused to evaluate a string as JavaScript because 'unsafe-eval'
Angular:拒绝将字符串评估为 JavaScript,因为“不安全评估”
[英]Angular: Refused to evaluate a string as JavaScript because 'unsafe-eval'
ExcelJS:Angular 应用程序中的“未捕获的 EvalError:'unsafe-eval' 不是以下内容中允许的脚本源”
[英]ExcelJS: "Uncaught EvalError: 'unsafe-eval' is not an allowed source of script in the following Content" in Angular App
Chrome 扩展程序拒绝将字符串评估为 JavaScript,因为 emscripten 生成的文件中的“unsafe-eval”
[英]Chrome extension refused to evaluate a string as JavaScript because 'unsafe-eval' in emscripten generated file
如何从服务器获取 JavaScript,跟踪下载进度,并且不在 Content-Security-Policy 中使用 `unsafe-eval`?
[英]How to fetch JavaScript from server, track download progress, and not use `unsafe-eval` in Content-Security-Policy?
Chrome 扩展中的 Javascript Tensorflow 由于“不安全评估”而无法正常工作
[英]Javascript Tensorflow in Chrome Extension not working due to 'unsafe-eval'
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.