如何在Chrome Extension Manifest.json中设置内容安全政策,以便Firebase发挥作用 [英] How to set Content Security Policy in Chrome Extension Manifest.json in order for Firebase to work
问题描述
它在一段时间内工作正常,但似乎Chrome有一些变化。
现在,在我的扩展中使用Inspect元素时,在javascript控制台中出现以下错误:
$ b
拒绝加载脚本' https://(myID).firebaseio.com /(otherprivatedata)',因为它违反以下内容安全策略指令:script-srcselfchrome-extension-resource:。
firebase.js:171,它不是我添加的脚本。
我尝试按照这个指南,并添加content_security_policy标签到我的manifest.json指示:
https://github.com/firebase/firebase-chrome-extension
我按照说明在我的manifest.json中添加了以下行:
content_security_policy:script-src'self'https://cdn.firebase.com https://*.fi rebaseio.com; object-src'self'
但是当我添加这行时,尝试在chrome中加载我的脚本时出错:// extension
加载扩展错误
无法加载扩展名:〜\XXX\my_ext
$ b 清单不是有效的JSON。行:14,列:5,语法错误。
它突出显示了我上面添加的行(content_security_policy)。
我在做什么错? Chrome完全拒绝了content_security_policy之后的任何内容。即使我尝试使用Google提供的示例代码,也无济于事。
developer.chrome.com/extensions/contentSecurityPolicy
content_security_policy:script-src'self'https: //example.com; object-src'self'
如何按顺序设置content_security_policy Firebase在Extension中工作?
(我的firebase.jp已经下载到我的扩展程序中,因为Chrome不会让我把它叫做远程的。)
...
options_page:option.html,
manifest_version:2,< - 这个COMMA
content_security_policy:script-src self'https://cdn.firebase.com https://*.firebaseio.com; object-src'self'
}
现在就开始工作,感谢您的帮助!
I made a Chrome Extension and used Firebase to collect data into a database. It worked fine for some time, but it seems there were some changes to Chrome. Now I get the following error in the javascript console when using Inspect Element on my Extension:
Refused to load the script 'https://(myID).firebaseio.com/(otherprivatedata)' because it violates the following Content Security Policy directive: "script-src 'self' chrome-extension-resource:".
This script is written at firebase.js:171, it's not script that I added.
I attempted to follow this guide and add the "content_security_policy" tag to my manifest.json as instructed: https://github.com/firebase/firebase-chrome-extension
I added the following line to my manifest.json as instructed:
"content_security_policy": "script-src 'self' https://cdn.firebase.com https://*.firebaseio.com; object-src 'self'"
However when I add this line, I now get an error when trying to load my script in chrome://extensions
Error Loading Extension
Failed to load extension from: ~\XXX\my_ext
Manifest is not valid JSON. Line: 14, column: 5, Syntax error.
And it highlights the line I just added above (content_security_policy). What am I doing wrong? It seems anything after "content_security_policy" is completely refused by Chrome.
Even when I try the sample code from Google, it doesn't work. developer.chrome.com/extensions/contentSecurityPolicy
"content_security_policy": "script-src 'self' https://example.com; object-src 'self'"
How can I set the content_security_policy in order for Firebase to work in an Extension?
(My firebase.jp is already downloaded and packaged in with my Extension since Chrome won't let me call it as remote.)
Yep, thanks rsanchez... totally forgot a comma...
...
"options_page": "option.html",
"manifest_version": 2, <- THIS COMMA
"content_security_policy": "script-src 'self' https://cdn.firebase.com https://*.firebaseio.com; object-src 'self'"
}
Works now, thanks for your help!
这篇关于如何在Chrome Extension Manifest.json中设置内容安全政策,以便Firebase发挥作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
