Firefox中奇怪的CSP错误 [英] Strange CSP error in Firefox
问题描述
我最近为 https://stefan.sofa-rockers.org/添加了以下CSP策略。
default-src 'self'; style-src 'self' https://brick.a.ssl.fastly.net; font-src 'self' https://brick.a.ssl.fastly.net
似乎可以在所有浏览器上正常工作,但是Firefox向我显示了这个奇怪的,被截断的错误消息:
It seems to work well on all browser, but Firefox is showing me this strange, truncated error message:
Content Security Policy: The page’s settings blocked the loading of a resource at self ("default-src https://stefan.sofa-rockers.org"). Source: (function (ERROR) {
const V8_STACK_.... stefan.sofa-rockers.org:1
我的CSP是否出现错误(所有资源都已加载,所以我认为不是这种情况),或者这可能是Firefox本身的错误吗?
Do I have an error in my CSP (all resources are getting loaded, so I don't think this is the case) or might this be a bug in Firefox itself?
推荐答案
您似乎遇到了已知的Firefox错误,该错误已在Firefox 58中部分修复。请参见改进的内容安全策略( CSP)以下博客文章的处理部分:
It looks like you may be hitting a known Firefox bug that’s been partially fixed in Firefox 58. See the Improved Content Security Policy (CSP) Handling section of the following blog post:
> https://blog.mozilla.org/addons/2017/11/20/extensions-in-firefox-58/
相关的现有Firefox错误如下:
The relevant existing Firefox bugs are these:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1406278
- https://bugzilla.mozilla.org/show_bug.cgi?id=1267027
- https://bugzilla.mozilla.org/show_bug.cgi?id=1406278
- https://bugzilla.mozilla.org/show_bug.cgi?id=1267027
具体来说,如此处的注释所述,如果您安装了Privacy Badger附加组件,则可能需要考虑禁用它。
And specifically, as noted in the comments here, if you have the Privacy Badger add-on installed, you might need to consider disabling it.
另请参阅以下相关的堆栈溢出答案:
See also the following related Stack Overflow answers:
- Firefox content script not loading in some pages
- Content Security Policy failing on line 1 (Firefox 57.0)
这篇关于Firefox中奇怪的CSP错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!