“[仅报告]拒绝加载字体...”控制台上的错误消息 [英] "[Report Only] Refused to load the font..." error message on console
本文介绍了“[仅报告]拒绝加载字体...”控制台上的错误消息的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
更具体地说:
[仅限报告]拒绝加载字体'data:application / x-font-woff; charset = utf-8; base64,d09GRgABAAAAABBQAAoAAAAAG ... H8zVsjnmMx0GcZ2HGViNOySWEa9fvEQtW43Nm + EOO0ZIpdLbMXoVzPJkcfHT6U + gLEpz / MAAAA',因为它违反了以下内容安全策略指令:font-src'self'。
这是我的 contentSecurityPolicy
c $ c> environment.js :
contentSecurityPolicy:{
'default-src ':''none'',
'script-src':'self''unsafe-inline''unsafe-eval'connect.facebook.net,
'connect-src' 'self',
'img-src':'self'www.facebook.com,
'style-src':'self''unsafe-inline',
'frame-src':s-static.ak.facebook.com static.ak.facebook.com www.facebook.com,
'report-uri':http:// localhost:4200
},
有什么问题吗?
解决方案
添加'font-src':data:,
将加载的字体列入白名单。 >
More specifically:
[Report Only] Refused to load the font 'data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAABBQAAoAAAAAG…H8zVsjnmMx0GcZ2HGViNOySWEa9fvEQtW43Nm+EOO0ZIpdLbMXoVzPJkcfHT6U+gLEpz/MAAAA' because it violates the following Content Security Policy directive: "font-src 'self'".
this is my contentSecurityPolicy
object at environment.js
:
contentSecurityPolicy: {
'default-src': "'none'",
'script-src': "'self' 'unsafe-inline' 'unsafe-eval' connect.facebook.net",
'connect-src': "'self'",
'img-src': "'self' www.facebook.com",
'style-src': "'self' 'unsafe-inline'",
'frame-src': "s-static.ak.facebook.com static.ak.facebook.com www.facebook.com",
'report-uri': "http://localhost:4200"
},
Is there anything wrong?
解决方案
Add 'font-src': "data:",
to whitelist the font being loaded.
这篇关于“[仅报告]拒绝加载字体...”控制台上的错误消息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文