直接来自 GitHub 的热链接资源,如 JavaScript 文件 [英] Hotlink resources like JavaScript files directly from GitHub
问题描述
我问了一个关于包含来自 GitHub 的资源的问题,答案是使用原始链接:
I asked a question about including resources from GitHub and the answer was to use the raw link:
https://raw.github.com/username/repository/branch/file.js
我正在尝试使用以下方法包含脚本:
I am trying to include a script using:
<script
type="text/javascript"
src="https://raw.github.com/username/repo/master/src/file.js"
></script>
但我收到以下错误:
拒绝执行来自 'https://raw.github 的脚本.com/username/repo/master/src/file.js' 因为它的 MIME 类型('text/plain')不可执行,并且启用了严格的 MIME 类型检查.
Refused to execute script from 'https://raw.github.com/username/repo/master/src/file.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
是否有其他方法可以修复此错误?
Are there any alternatives to fix this error?
我不在生产中使用它,而是用于演示页面:
I don't use this in the production but for a demo page:
project-repository-from-github
├─ master
│ ├─ src
│ │ └─ my-jQuery-plugin.js
│ └─ README.md
└─ gh-pages
├─ css
│ └─ style.css
└─ index.html
在 index.html 页面中,我想要最新版本的 my-jQuery-plugin.js.因此,我会将原始 URL 包含到脚本中.
In the index.html page I want to have the latest build of my-jQuery-plugin.js. So, I would include the raw URL to the script.
如何修复错误?
推荐答案
是的,Github 在 2013 年 4 月改变了这个:
Yes, Github changed this in April, 2013:
早在 2011 年,我们就将 X-Content-Type-Options: nosniff
标头添加到我们的原始 URL 响应中,作为打击盗链的第一步.这会强制浏览器根据 Content-Type
标头处理内容.这意味着当我们为文件的原始视图设置 Content-Type: text/plain
时,浏览器将拒绝将该文件视为 JavaScript 或 CSS.
We added the
X-Content-Type-Options: nosniff
header to our raw URL responses way back in 2011 as a first step in combating hotlinking. This has the effect of forcing the browser to treat content in accordance with theContent-Type
header. That means that when we setContent-Type: text/plain
for raw views of files, the browser will refuse to treat that file as JavaScript or CSS.
但是由于 http://combinatronics.com/,我们可以包含 GH 脚本.唯一的变化是从 raw.github.com
变成了 combinatronics.com
:
But thanks to http://combinatronics.com/ we can include GH scripts. The only change is from raw.github.com
that becomes combinatronics.com
:
<script
type="text/javascript"
src="https://combinatronics.com/username/repo/master/src/file.js"
></script>
该项目托管在开源的 Github 上.
是的,@Lix 是正确的.这些文件不是来自 Github,而是来自 combinatronics.
And yes, @Lix is correct. The files are not being served from Github but from combinatronics.
我发现的另一个解决方法是:
Another workaround I found is that instead of:
<script
type="text/javascript"
src="https://combinatronics.com/username/repo/master/src/file.js"
></script>
你可以使用 $.getScript
jQuery 函数:
you can use $.getScript
jQuery function:
<script>
$.getScript("https://combinatronics.com/username/repo/master/src/file.js", function () {
/* do something when loaded */
});
</script>
这篇关于直接来自 GitHub 的热链接资源,如 JavaScript 文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!