WebView 内容安全策略 [英] WebView Content Security Policy

问题描述

我想在 WebView 中加载来自 Vimeo 的视频.它有效，但无法加载预览图像，我收到此错误:

I want to load a video from Vimeo in a WebView. It works, but the preview image doesn't load and I get this error:

I/chromium: [INFO:CONSOLE(0)] 拒绝加载图像 'android-webview-video-poster:default_video_poster/-5228946977756841864' 因为它违反了以下内容安全策略指令:img-src https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://sb.scorecardresearch.com https://ssl.google-analytics.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com"."，来源:https://player.vimeo.com/video/172374044 (0)

I/chromium: [INFO:CONSOLE(0)] "Refused to load the image 'android-webview-video-poster:default_video_poster/-5228946977756841864' because it violates the following Content Security Policy directive: "img-src https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://sb.scorecardresearch.com https://ssl.google-analytics.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com". ", source: https://player.vimeo.com/video/172374044 (0)

我该如何解决?

推荐答案

将以下内容添加到 Content-Security-Policy 元标记 img-src 指令:

Add the following to Content-Security-Policy meta tag img-src directive:

android-webview-video-poster:

如:

<meta http-equiv="Content-Security-Policy" content="default-src * gap:; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src *; img-src * data: blob: android-webview-video-poster:; style-src * 'unsafe-inline';">

这篇关于WebView 内容安全策略的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！