谷歌API的Chrome清单 [英] Chrome Manifest with Google API
问题描述
我需要一些建议,告诉我如何获取扩展名的chrome清单,以便在服务器和应用程序之间进行Google API通话。当我直接指向应用程序时(而不是扩展名),应用程序会正常加载。
然而,我的问题是,当我加载它作为扩展时,我得到以下错误:
拒绝将字符串评估为JavaScript,因为'unsafe-eval'不是下列内容安全策略指令中允许的脚本源:script-src'self'https://apis.google。 COM /。
该应用程序构建为与Google的Calendar API进行交互。
这是我的HTML标题(本地)的样子:
< HEAD>
< link href ='reset.css'rel =stylesheettype =text / css>
< link href ='style.css'rel =stylesheettype =text / css>
< link href ='animate-custom.css'rel =stylesheettype =text / css>
< script type =text / javascriptsrc =jquery.min.js>< / script>
< script src =https://apis.google.com/js/client.js?onload=onClientLoadtype =text / javascript>< / script>
< script src =main.jstype =text / javascript>< / script>
< script type =text / javascriptsrc =moment_langs.js>< / script>
< title> Dashboard< / title>
< / head>
当它的加载(**脚本加载 - 猜测api调用? :
< link href ='reset.css'rel =stylesheettype =text / css>
< link href ='style.css'rel =stylesheettype =text / css>
< link href ='animate-custom.css'rel =stylesheettype =text / css>
**< script src =https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en.lm_l25KfNhA.O/m=client/ rt = j / sv = 1 / d = 1 / ed = 1 / am = AQ / rs = AItRSTM1DJ5OrFPvETO8O24EqSIF_JCoKQ / cb = gapi.loaded_0async =>< / script> **
<脚本type =text / javascriptsrc =jquery.min.js>< / script>
< script src =https://apis.google.com/js/client.js?onload=handleClientLoadtype =text / javascript>< / script>
< script src =main.jstype =text / javascript>< / script>
< script type =text / javascriptsrc =moment_langs.js>< / script>
我的清单:
{
manifest_version:2,
name:我的仪表板,
版本:1.2,
content_security_policy: script-src'self'https://apis.google.com/; object-src'self',
permissions:[
webRequest,
*: //*.googleapis.com/*,
*://*.apis.google.com/*
,
chrome_url_overrides :{
newtab:index.html
}
}
这是我的扩展的一个例子。在这种情况下,我打电话给Drive'垃圾'API。
var xhr = new window ['JSONHttpRequest']() ;
xhr.open(POST,https://www.googleapis.com/drive/v2/files/+ id +/ trash,true);
xhr.setRequestHeader('Authorization','Bearer'+ token); // token来自chrome.identity
xhr.setRequestHeader('Content-Type','application / json');
xhr.sendJSON(dmark);
与原始的XMLHttpRequest不同,我使用JS库创建一个围绕XMLHttpRequest对象的JSON包装器。
I need some advice on how I can get my chrome manifest for an extension to allow a Google API talk between the servers and the application. The application loads fine when I point to it directly(not as extension).
However my problem is that when I load it as an extension I get the following error:
Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://apis.google.com/".
The application is built to interface with Google’s Calendar API.
This is what my HTML header looks like (locally):
<head>
<link href='reset.css' rel="stylesheet" type="text/css">
<link href='style.css' rel="stylesheet" type="text/css">
<link href='animate-custom.css' rel="stylesheet" type="text/css">
<script type="text/javascript" src="jquery.min.js"></script>
<script src="https://apis.google.com/js/client.js?onload=onClientLoad" type="text/javascript"></script>
<script src="main.js" type="text/javascript"></script>
<script type="text/javascript" src="moment_langs.js"></script>
<title>Dashboard</title>
</head>
This is what it looks like when its loaded (**scripts loads - guessing an api call?):
<link href='reset.css' rel="stylesheet" type="text/css">
<link href='style.css' rel="stylesheet" type="text/css">
<link href='animate-custom.css' rel="stylesheet" type="text/css">
**<script src="https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en.lm_l25KfNhA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AItRSTM1DJ5OrFPvETO8O24EqSIF_JCoKQ/cb=gapi.loaded_0" async=""></script>**
<script type="text/javascript" src="jquery.min.js"></script>
<script src="https://apis.google.com/js/client.js?onload=handleClientLoad" type="text/javascript"></script>
<script src="main.js" type="text/javascript"></script>
<script type="text/javascript" src="moment_langs.js"></script>
My manifest:
{
"manifest_version": 2,
"name": "My Dashboard",
"version": "1.2",
"content_security_policy": "script-src 'self' https://apis.google.com/; object-src 'self'",
"permissions": [
"webRequest",
"*://*.googleapis.com/*",
"*://*.apis.google.com/*"
],
"chrome_url_overrides" : {
"newtab": "index.html"
}
}
Here is an example from my extension. In this case I'm calling the Drive 'trash' API.
var xhr = new window['JSONHttpRequest']();
xhr.open("POST", "https://www.googleapis.com/drive/v2/files/" + id + "/trash", true);
xhr.setRequestHeader('Authorization', 'Bearer ' + token); // token comes from chrome.identity
xhr.setRequestHeader('Content-Type', 'application/json');
xhr.sendJSON(dmark);
Rather than the raw XMLHttpRequest, I use a JS library which creates a JSON wrapper around the XMLHttpRequest object.
这篇关于谷歌API的Chrome清单的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!